17 lines
No EOL
635 B
Text
17 lines
No EOL
635 B
Text
# Vendor: http://www.jevonweb.f2s.com/
|
|
# Version: 1.0
|
|
# Tested on: Windows and Linux
|
|
---------------------------------------
|
|
> Jevonweb Guestbook Remote Admin Access Exploit
|
|
> Author: Sora
|
|
> Contact: vhr95zw@hotmail.com
|
|
> Google Dork: "Jevonweb Guestbook" "http://www.jevonweb.f2s.com/" inurl:/cp/Scripts/PHP/Guestbook/config.php
|
|
|
|
Description:
|
|
Jevonweb Guestbook suffers a remote admin access exploit in setup.php.
|
|
|
|
Solution:
|
|
Add setup.php to the webhost's .htaccess file.
|
|
|
|
# Code: http://www.site.com/cp/Scripts/PHP/Guestbook/read.txt
|
|
# Greetz: Bw0mp, Popc0rn, Xermes, T3eS, Timeb0mb, [H]aruhiSuzumiya, and Revelation! |