Tahyeess.com suffers from a user validation bypass vulnerability.
7bce473c26152c91988189b9c93a54aa280e29d3f361384b1de11d7fec256e5d
[*]##############################################
[+] |____ViRuS_HiMa@YouR SyS__|__\ #
[+] |______________________|___||\*___ #
[+] |______________________|___||""|"*\___, #
[+] |______________________|___||""|*"|___|| #
[+] "([ (@)''(@)""""""(|*(@)(@)********(@)* #
[+]====================================================================||
[*] About : tahyeess.com script Remote PrivateData Change Vulnerability||
[!] Site : http://www.tahyeess.com ||
[!] Author : ViRuS_HiMa ||
[!] Site : wWw.HeLL-z0ne.org ||
[!] E-Mail : eGypT_GoVeRnMenT[at]HoTmaiL[dot]CoM ||
[!] Location : Cairo-007 ||
[!]====================================================================||
[!] [H]eL[L] [Z]on[E] [C]re[W] - [ ViRuS_HiMa ~ MecTruy ~ RedStorM ]||
[!]====================================================================||
[!]
[!] Exploitation : ||
[!]
[!] when you register the site they gonna send you A msg . . ||
[!]
[!] an line in the msg contain A Hyperlink . . it's Properties is : ||
[!]
[!] http://www.tahyeess.com/autho/activation.aspx?ui=2 ||
[!] &ik=a8be522dec&view=tl&
[!] search=inbox&U=ViRuS_HiMa&fs=1&start=0#inbox/1194be3e388f6bd7 ||
[!]
[!] Look up there . . do you see this :- search=inbox&U=ViRuS_HiMa ||
[!]
[!] just change ViRuS_HiMa to any user in the site . ! ||
[!]
[!] and you will enter with his Account . . . ||
[!]
[!] also you can edit all his data Not the password only :) ||
[!]
[!]====================================================================||
[!] Greetz 2 Allah - Muslim Hackers - My Friends - And oTherz . ||
[*]====================================================================||
_________________________________________________________________
More than messagescheck out the rest of the Windows Live.
http://www.microsoft.com/windows/windowslive/