Author: DarkKnight
My site: http://www.insecureonline.com
Product: Poster.version:two
Side Note: This is my first post ever on bugtraq, so bear with me.
Vendors: Contacted

A vulnerability exists within Poster.version:two that allows a remote attacker to add accounts to a Poster.version:two installation. The vulnerability exists within Poster's setup. The setup doesn't lock itself after it is run, so the setup is still active and usable. A sample is listed below:

http://www.website.com/poster/?go=setup_submit&un=DarkKnight&pw=123456&em=EMAIL&submit=submit

The above link would add the user "DarkKnight" with the password "123456" and the email "EMAIL" to the list of users for the Poster script. The user has complete admin access to Poster and will be able to delete accounts, modify news, post news, change the formatting of the news, and steal the passwords of the users who use Poster, which may be the passwords to their email or website.

The two people who deserve credit for this vulnerability are: Fusen and DarkKnight [me :)]
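For site owners checking whether the still-active setup has been used against them, the following is an added example, not part of the original post or of Poster itself: a Python check that parses web server access logs and flags requests whose `go` parameter is `setup_submit`. The Apache combined log format, the sample lines and the function name are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines (Apache combined format), for illustration only.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Jan/2000:10:01:22 +0000] "GET /poster/?go=setup_submit&un=DarkKnight&pw=123456&em=EMAIL&submit=submit HTTP/1.0" 200 512 "-" "-"
203.0.113.9 - - [01/Jan/2000:10:02:10 +0000] "GET /poster/?go=news HTTP/1.0" 200 2048 "-" "-"
198.51.100.7 - - [01/Jan/2000:10:03:41 +0000] "GET /poster/?go=setup%5Fsubmit&un=x%20y&pw=p HTTP/1.0" 200 498 "-" "-"
203.0.113.9 - - [01/Jan/2000:10:04:00 +0000] "GET /poster/?q=go%3Dsetup_submit HTTP/1.0" 200 100 "-" "-"
"""

# client IP, timestamp, request target and status from one combined-format line
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def find_setup_submissions(log_text):
    """Return one record per request that submitted the setup form."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Parse the query string instead of substring matching: this decodes
        # percent-encoding and ignores the text when it sits in another field.
        query = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        if "setup_submit" not in query.get("go", []):
            continue
        hits.append({
            "ip": m["ip"],
            "time": m["ts"],
            "status": int(m["status"]),
            "account": query.get("un", [""])[0],
            # record only that a password was sent, never its value
            "password_present": "pw" in query,
        })
    return hits

if __name__ == "__main__":
    for hit in find_setup_submissions(SAMPLE_LOG):
        print(hit)
```

Any account name reported here that the site owner did not create should be treated as unauthorized. Submissions sent by POST do not appear in the query string, so this covers only the GET form shown in the post.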