Bugtraq mailing list archives

Re: "Simple PHP Newsletter" Remote Admin Password Change With install path

From: Patrick Kelley <psworn () gmail com>
Date: Tue, 29 Mar 2011 10:56:41 -0400

So, essentially this threat can be removed by simply deleting the
"install" directory, which is common practice when installing web
applications?

On Tue, Mar 29, 2011 at 10:03 AM,  <cseye_ut () yahoo com> wrote:

#####################################################################################
#### "Simple PHP Newsletter" Remote Admin Password Change With ####
#### install path ####
#####################################################################################
# #
# Author: alieye #
# #
# class : remote #
# #
# E-mail: cseye_ut () yahoo com #
# #
# greetz: C.S.Eye Security Team members #
# #
# We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers #
# #
# Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com #
#####################################################################################

download : http://quirm.net/download/23/


Dork : intitle:"News list Administration panel" or "Simple PHP Newsletter"


Example :


1. Go to url : target.com/newsletter/admin.php or target.com/mailer/admin.php

2. Clean admin.php and Go to target.com/newsletter/install/install1.php or target.com/mailer/install/install1.php

3. Write new password for admin and click next stage

4. finish install

5. Go to url : target.com/newsletter/admin.php or target.com/mailer/admin.php

5. Login admin with new password

Date : 03/29/2011

Current thread:

"Simple PHP Newsletter" Remote Admin Password Change With install path cseye_ut (Mar 29)
- Re: "Simple PHP Newsletter" Remote Admin Password Change With install path Patrick Kelley (Mar 30)
- <Possible follow-ups>
- "Simple PHP Newsletter" Remote Admin Password Change With install path cseye_ut (Mar 29)