February 23, 2016

eDirectory Script Vulnerability

jmanson

No Comments

Another serious vulnerability – backdoor of eDirectory – Directory Software & Business Directory scripts.
Anyone can access your control panel without admin password.
And then what? He can shell your server there.
I tested on v10.0 & v10.2.
You can try:
Here
then
Click here
Yeah, now you are in the control panel.

Leave a Reply

Your email is never published nor shared. Required fields are marked *

*

You may use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>