bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/21901.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

12 lines
No EOL
451 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/5866/info
MySimpleNews stores the administrative password in clear text in a remotely viewable HTML file.
Any remote user can view the contents of the HTML file to determine the administrator password.
The administrator password can be found in the HTML code for admin.html below:
moncode = prompt('MySimpleNews - Administration','');
if (moncode != "[ADMINPASSWORD]")
{
location.href="about:Erreur 403";
}
Reference in a new issue View git blame Copy permalink