Bugtraq mailing list archives

Vulnerability in Helpdesk software Hesk 0.92

From: s2b () hotmail com
Date: 29 Aug 2005 12:26:14 -0000

By The Name Of Allah

Vulnerability in Helpdesk software Hesk ..

Vulnerability Type : Login into The Administrator Menu With out Password

Injected version : Helpdesk software Hesk 0.92

Vulnerability Example

http://www.springporttwppd.com/helpdesk/

add : admin.php

http://www.springporttwppd.com/helpdesk/admin.php

Choose the username : administrator

Put any password in the password field

change the url to : admin_main.php

http://www.springporttwppd.com/helpdesk/admin_main.php

You Are Noe in the Administrator menu ..

Thx For  : Devil-00 & ADBUCTER

Peace

Current thread:

Vulnerability in Helpdesk software Hesk 0.92 s2b (Aug 29)
- Re: Vulnerability in Helpdesk software Hesk 0.92 Thomas Krüger (Aug 30)
- <Possible follow-ups>
- Re: Vulnerability in Helpdesk software Hesk 0.92 not (Aug 30)