Simple PHP Guestbook Remote Admin Access Exploit

vendor:

Simple PHP Guestbook

by:

Sora

7.5

CVSS

HIGH

Remote Access

287

CWE

Product Name: Simple PHP Guestbook

Affected Version From: 1

Affected Version To: 1

Patch Exists: YES

Related CWE: N/A

CPE: a:simple_php_guestbook:simple_php_guestbook:1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows and Linux

2006

Simple PHP Guestbook Remote Admin Access Exploit

Simple PHP Guestbook suffers an remote access in the guestbook admin file guestbook-admin.php.

Mitigation:

Add guestbook-admin.php to your .htaccess file.

Source

Exploit-DB raw data:

# Vendor: http://www.simplephpguestbook.com/
# Version: 1.0
# Tested on: Windows and Linux
--------------------------------------
> Simple PHP Guestbook Remote Admin Access Exploit
> Created by Sora
> [+] contact: vhr95zw [at] hotmail.com

Description:
Simple PHP Guestbook suffers an remote access in the guestbook admin file guestbook-admin.php.

Solution(s):
Add guestbook-admin.php to your .htaccess file.

# Google Dork: "Copyright (c) 2004-2006 by Simple PHP Guestbook"
# Code: http://www.site.com/guestbook-admin.php
________________________________
Get Windows 7 for only $39.99-CDN College or University students only. This offer ends Jan 3-upgrade now!<http://go.microsoft.com/?linkid=9691814>