[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

XOOPS Remote Install System Vulnerability

Author
Angel Injection
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-16476
Category
web applications
Date add
06-07-2011
Platform
php
# Exploit Title:XOOPS Remote Install System Vulnerability

# Date: 6/7/2011

# Author: Angel Injection

# home Page: http://www.club-h.co.cc

# Email: Angel-Injection[at]hotmail[dot]com

# Version: v1.2

# Category:: webapps

# Google dork: intitle:"XOOPS Custom Installation"

# Tested on: Linux Back Track 5


# Demo site:
http://smile-personalagentur.de/personalagenturag/install/index.php
http://feiradaliberdade.com.br/demo/install/index.php
http://libya-tech.com/afde/install/index.php
http://igo.site88.net/xop/install/index.php
http://arquidiocesisdeleon.org/parroquiasanmartin/install/index.php

How exploitation?
When you continue with the installation you will see
Database Hostname
Database Username
Database Password
Database Name
Table Prefix
XOOPS Physical Path
XOOPS Virtual Path (URL)

Just click on the next
You just fill Alamlomat on the page which has been accepted

Good Luck

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Greetz To :1337day Team

Thanx To
Club Hack Team all people of iraq



#  0day.today [2024-12-24]  #