So, essentially this threat can be removed by simply deleting the "install" directory, which is common practice when installing web applications?
On Tue, Mar 29, 2011 at 10:03 AM, <[email protected]> wrote: > ##################################################################################### > #### "Simple PHP Newsletter" Remote Admin Password Change With #### > #### install path #### > ##################################################################################### > # # > # Author: alieye # > # # > # class : remote # > # # > # E-mail: [email protected] # > # # > # greetz: C.S.Eye Security Team members # > # # > # We Are: Alieye , Z0d14c , Bully13 , Stanly , Safety & All Iranian Hackers # > # # > # Site : www.gcmt.vcp.ir , blog : www.cseye.blogfa.com # > ##################################################################################### > > download : http://quirm.net/download/23/ > > > Dork : intitle:"News list Administration panel" or "Simple PHP Newsletter" > > > Example : > > > 1. Go to url : target.com/newsletter/admin.php or target.com/mailer/admin.php > > 2. Clean admin.php and Go to target.com/newsletter/install/install1.php or > target.com/mailer/install/install1.php > > 3. Write new password for admin and click next stage > > 4. finish install > > 5. Go to url : target.com/newsletter/admin.php or target.com/mailer/admin.php > > 5. Login admin with new password > > Date : 03/29/2011 >
