[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: "Simple PHP Newsletter" Remote Admin Password Change With install path



So, essentially this threat can be removed by simply deleting the
"install" directory, which is common practice when installing web
applications?

On Tue, Mar 29, 2011 at 10:03 AM,  <cseye_ut@xxxxxxxxx> wrote:
> #####################################################################################
> #### "Simple PHP Newsletter" Remote Admin Password Change With ####
> #### install path ####
> #####################################################################################
> # #
> # Author: alieye #
> # #
> # class : remote #
> # #
> # E-mail: cseye_ut@xxxxxxxxx #
> # #
> # greetz: C.S.Eye Security Team members #
> # #
> # We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers #
> # #
> # Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com #
> #####################################################################################
>
> download : http://quirm.net/download/23/
>
>
> Dork : intitle:"News list Administration panel" or "Simple PHP Newsletter"
>
>
> Example :
>
>
> 1. Go to url : target.com/newsletter/admin.php or target.com/mailer/admin.php
>
> 2. Clean admin.php and Go to target.com/newsletter/install/install1.php or target.com/mailer/install/install1.php
>
> 3. Write new password for admin and click next stage
>
> 4. finish install
>
> 5. Go to url : target.com/newsletter/admin.php or target.com/mailer/admin.php
>
> 5. Login admin with new password
>
> Date : 03/29/2011
>