======================== WEBXAKEP.NET =========================== Name: "Zomplog 3.8.2 <= add admin" Version: All Script Download: http://www.zomp.nl/zomplog/ DORK: "powered by zomplog" Discovered By: ArxWolf Discovered On: 16 05 2008 WWW: http://WebXakep.net ICQ: 504-282 Vulnerability to "install/newuser.php", to add 2 administrator. Folder "install" not removed in 70% of cases. Exploit: --------------------------------------------------------
Добавляем админа "Add Admin"

------------------------------------------------------------- http://******/admin/profile.php // Add or delete user ^_^ http://******/admin/themes.php // If there is a right of entry you can fill shell. ========================= WEBXAKEP.NET =========================== # milw0rm.com [2008-05-16]