Full Disclosure mailing list archives
Traidnt up 3 , Admin info reset exploit
From: 0u7 5m4r7 <n0p1337 () gmail com>
Date: Sun, 15 Dec 2013 18:45:40 +0200
Traidnt upload version 3 don't filter the x_forwarded_for header which allow the attacker to exploit it to update administrator's data
Attachment:
traidnt_upload.py
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Traidnt up 3 , Admin info reset exploit 0u7 5m4r7 (Dec 16)