linkscaffe30.txt

linkscaffe30.txt: Posted Aug 30, 2006; Authored by HoangYenXinhDep | Site vnsecurity.com; The admin1953.php file included in LinksCaffe version 3.0 allows for direct access giving an attacker full administrative privileges.; tags | exploit, php; SHA-256 | 240cbbbde655ba594f56dcfe2c5733dc3ff3c9ab647a203bcf9ad913eb14fa16; Download | Favorite | View

linkscaffe30.txt

Gonafish.com LinksCaffe 3.0 is free link indexing directory, we found that the file admin1953.php can be accessed directly to get full administration rights without password and username. 

Proof of exploit:
http://www.example.com/[path_to_linksCaffe]/Admin/admin1953.php

Or the images of mirror
http://vietnamsecurity.googlepages.com/1.JPG
http://vietnamsecurity.googlepages.com/2.JPG
http://vietnamsecurity.googlepages.com/3.JPG

Affected
LinksCaffe 2.0, 3.0, Pro no test

Fix : Easy to fix, just put checker to the file

HoangYenXinhDep
Vietnam Security Team
http://www.vnsecurity.com

Top Authors In Last 30 Days

Red Hat 226 files
Ubuntu 86 files
Gentoo 31 files
Debian 21 files
tmrswrr 10 files
Sina Kheirkhah 7 files
bRpsd 4 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
Google Security Research 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,078)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,374)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,287)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,660)
UNIX (9,426)
UnixWare (187)
Windows (6,666)
Other

linkscaffe30.txt

linkscaffe30.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

linkscaffe30.txt

Share This

linkscaffe30.txt

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems