首页网络安全 Exploit 正文

我要投稿

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

admin Exploit

2023-12-04 0 264

=================================================

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

=================================================

,–^———-,——–,—–,——-^–,

| ||||||||| `——–\’ | O .. CWH Underground Hacking Team ..

` —————————^———-|

`\\_,——-, _________________________|

/ XXXXXX /`| /

/ XXXXXX / `\\ /

/ XXXXXX /\\______(

/ XXXXXX /

/ XXXXXX /

(________(

`——\’

AUTHOR : CWH Underground

DATE : 13 July 2008

SITE : cwh.citec.us

###################################################################################

APPLICATION : MFORUM

VERSION : 0.1a

DOWNLOAD : http://downloads.sourceforge.net/marcioforum/mforum.zip

###################################################################################

— Add-Admin Exploit —

***magic_quotes_gpc = off***

————-

Description

————-

MFORUM 0.1a has Vulnerability to escalate user\’s privilege to administartor\’s privilege.

That Vulnerable in "Control Panel – Edit your profile" (http://[Target]/[mforum_path]/usercp.php?mode=edit_profile)

and you can injection code into various field (City, Interest, Email, Icq, msn, Yahoo Messenger).

This action will give your account can use Admin Control Panel (http://[Target]/[mforum_path]/admin/index.php)

with Administrative\’s Privilege.

—————–

Vulnerable Path

—————–

[ ] http://[target]/[mforum_path]/usercp.php?mode=edit_profile

————–

Exploit code

————–

[ ] hacked", type="2

#####################################################################

Greetz : ZeQ3uL, BAD $ectors, Snapter, Conan, JabAv0C, Win7dos

Special Thx : asylu3, str0ke, citec.us, milw0rm.com

#####################################################################

收藏 (0) 打赏

感谢您的支持，我会继续努力的!

打开微信/支付宝扫一扫，即可进行扫码打赏哦，分享从这里开始，精彩与您同在

点赞 (0)

悠久资源 Exploit MFORUM 0.1a Arbitrary Add-Admin Vulnerability https://www.u-9.cn/security/exploit/71892.html

&quot 0.1a HTTP MFORUM mforum_path Panel XXXXXX

admin

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

上一篇： ITechBids 7.0 Gold (XSS/SQL) Multiple Remote Vulnerabilities

MFORUM 0.1a Arbitrary Add-Admin Vulnerability

下一篇： CodeDB (list.php lang) Local File Inclusion Vulnerability

常见问题

相关文章

PPMate PPMedia Class ActiveX Control Buffer Overflow PoC

PPMate PPMedia Class ActiveX Control Buffer Overflow PoC

Exploit

admin

5个月前 484

AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit

AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit

Exploit

admin

5个月前 314

Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit

Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit

Exploit

admin

5个月前 854

WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit

WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit

Exploit

admin

5个月前 860

猜你喜欢

PPMate PPMedia Class ActiveX Control Buffer Overflow PoC 2023-12-07
AlstraSoft Article Manager Pro 1.6 Blind SQL Injection Exploit 2023-12-07
Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit 2023-12-07
WinRemotePC Full Lite 2008 r.2server Denial of Service Exploit 2023-12-07
Document Imaging SDK 10.95 ActiveX Buffer Overflow PoC 2023-12-07
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Exploit 2023-12-07
Simple DNS Plus 2023-12-07
NCTsoft AudFile.dll ActiveX Control Remote Buffer Overflow Exploit 2023-12-07
Pligg 2023-12-07
CoolPlayer m3u File Local Buffer Overflow Exploit 2023-12-07

发表评论

暂无评论

官方客服团队

为您解决烦忧 - 24小时在线专业服务

联系官方团队在线提交工单

如遇问题，请联系客服
联系客服请注明来意高端主题开发
微信公众号

总裁主题·高端主题
返回顶部