- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 10665
- Проверка EDB
-
- Пройдено
- Автор
- SORA
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-12-25
Код:
# Vendor: http://www.jevonweb.f2s.com/
# Version: 1.0
# Tested on: Windows and Linux
---------------------------------------
> Jevonweb Guestbook Remote Admin Access Exploit
> Author: Sora
> Contact: vhr95zw@hotmail.com
> Google Dork: "Jevonweb Guestbook" "http://www.jevonweb.f2s.com/" inurl:/cp/Scripts/PHP/Guestbook/config.php
Description:
Jevonweb Guestbook suffers a remote admin access exploit in setup.php.
Solution:
Add setup.php to the webhost's .htaccess file.
# Code: http://www.site.com/cp/Scripts/PHP/Guestbook/read.txt
# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, and Revelation!- Источник
- www.exploit-db.com
