0day Today Exploits Market and 0day Exploits Database

DCForum Remote Admin Privilege Compromise Vulnerability

[ 0Day-ID-19683 ]
Price: free
Security Risk: High
Description
Vulnerable: DC Scripts DCForum 2000 1.0
DC Scripts DCForum 6.0

DCForum is a commercial CGI script from DCScripts designed to run web-based threaded discussion forums.

The affected versions of DCForum are vulnerable to an attack that yields elevated privileges and, from there, remote execution of arbitrary commands.

DCForum maintains a file containing its user account information, including hashed user passwords and other potentially sensitive information.

When a new user account is created, the user's information is written to this file. Fields within each record are delimited by pipe ('|') and newline characters.

DCForum fails to validate this user-supplied account information before writing it. An attacker who registers with a last name containing URL-encoded pipes (%7C) and newlines (%0A) has those characters decoded by the CGI and written into the file as literal delimiters, corrupting the script's user records. By appending a newline followed by a complete, well-formed record to the last name field, the attacker inserts account information for a second user of their choosing and sets that account's privilege field to admin.

This newly created admin account then lets a remote attacker issue arbitrary commands with the privilege level of the web server process.
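The record injection described above, as an added example that is not DCForum's code and not the exploit this listing sells. The record layout (username|pw_hash|status|first|last), the field names, the "admin" status string, the hash function and the attacker's query string are all assumptions constructed for illustration; the point is that the CGI decodes %7C and %0A before the record is written, so a single field can carry a whole extra record. The hardened path shows the minimal check that closes the hole.

```python
# Added example: flat-file record injection via delimiter characters in a
# user-supplied field, and the input check that stops it. This is not
# DCForum's code; the record layout (username|pw_hash|status|first|last),
# the field names, the 'admin' status string and the hash function are all
# assumptions made for illustration.
import hashlib
from urllib.parse import quote, unquote_plus

FIELD_SEP = "|"
REC_SEP = "\n"
FIELDS = ("username", "pw_hash", "status", "first", "last")


def pw_hash(password: str) -> str:
    """Stand-in for the script's password hash; the bug does not depend on it."""
    return hashlib.sha256(password.encode()).hexdigest()[:16]


def parse_query(qs: str) -> dict:
    """Minimal CGI query decoder: %7C -> '|', %0A -> newline, '+' -> space.
    Decoding happens here, so by the time the record is written the
    delimiters are literal characters."""
    form = {}
    for pair in qs.split("&"):
        key, _, value = pair.partition("=")
        form[unquote_plus(key)] = unquote_plus(value)
    return form


def parse_users(store: str) -> list:
    """Read the store the way a line-oriented script would."""
    users = []
    for line in store.split(REC_SEP):
        if line:
            users.append(dict(zip(FIELDS, line.split(FIELD_SEP))))
    return users


def build_record(form: dict) -> str:
    """Every self-registered account is written with status 'user'."""
    return FIELD_SEP.join([form["username"], pw_hash(form["password"]),
                           "user", form["first"], form["last"]]) + REC_SEP


def register_vulnerable(store: str, form: dict) -> str:
    """Appends the record without checking the fields for delimiters."""
    return store + build_record(form)


def register_hardened(store: str, form: dict) -> str:
    """Same write path, but refuses any field carrying a record or field
    delimiter (CR is included because some parsers split on it too)."""
    for name in ("username", "password", "first", "last"):
        value = form[name]
        if any(ch in value for ch in (FIELD_SEP, "\n", "\r")):
            raise ValueError(f"field {name!r} contains a delimiter character")
    return store + build_record(form)


# Constructed attacker request: the last-name field carries a newline that
# closes the legitimate record, then a complete second record whose status
# field says 'admin'. Attacker-chosen account: mallory / letmein.
INJECTED_LAST = "Smith" + REC_SEP + FIELD_SEP.join(
    ["mallory", pw_hash("letmein"), "admin", "Mal", "Lory"])
ATTACK_QUERY = (
    "username=eve&password=pw&first=Eve&last=" + quote(INJECTED_LAST, safe="")
)


def demo_vulnerable() -> list:
    """Register through the unchecked path; returns the parsed user store."""
    store = register_vulnerable("", parse_query(ATTACK_QUERY))
    return parse_users(store)


def demo_hardened() -> str:
    """Same request through the checked path; returns 'rejected' or 'accepted'."""
    try:
        register_hardened("", parse_query(ATTACK_QUERY))
    except ValueError:
        return "rejected"
    return "accepted"


if __name__ == "__main__":
    for user in demo_vulnerable():
        print(user["username"], user["status"])
    print(demo_hardened())
```

Running the block shows the unchecked path producing two parsed records, the second being mallory with status admin, while the checked path rejects the same request. Rejecting delimiter characters is the narrowest fix; the more robust one is to stop hand-rolling the serialization and use a format that escapes field content on write and unescapes on read.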
Author
BL