XOOPS Remote Install System Vulnerability



EKU-ID: 693 CVE: OSVDB-ID:
Author: Angel Injection Published: 2011-07-07 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title:XOOPS Remote Install System Vulnerability

# Date: 6/7/2011

# Author: Angel Injection

# home Page: http://www.club-h.co.cc

# Email: Angel-Injection[at]hotmail[dot]com

# Version: v1.2

# Category:: webapps

# Google dork: intitle:"XOOPS Custom Installation"

# Tested on: Linux Back Track 5


# Demo site:
http://smile-personalagentur.de/personalagenturag/install/index.php
http://feiradaliberdade.com.br/demo/install/index.php
http://libya-tech.com/afde/install/index.php
http://igo.site88.net/xop/install/index.php
http://arquidiocesisdeleon.org/parroquiasanmartin/install/index.php

How exploitation?
When you continue with the installation you will see
Database Hostname
Database Username
Database Password
Database Name
Table Prefix
XOOPS Physical Path
XOOPS Virtual Path (URL)

Just click on the next
You just fill Alamlomat on the page which has been accepted

Good Luck

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Greetz To :1337day Team

Thanx To
Club Hack Team all people of iraq