StatCounteX 3.0 & 3.1 Admin Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: StatCounteX 3.0 & 3.1 Admin Vulnerability
From: Sekomirza@xxxxxxxxxxxxxxx
Date: 14 Feb 2008 22:50:49 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

StatCounteX 3.0 & 3.1 Admin Vulnerability
________________________________________
No need to exploit ; 
An attacker can follow /admin.asp link and edit the scripts configurations
________________________________________
google dork : intitle:StatCounteX 3.1 Yönetici 
________________________________________

SekoMirza From Turkiye !

Prev by Date: UniversalFtp Server 1.0.44 Multiple Remote Denial of service
Next by Date: Re: Joomla 1.0.13 - 1.0.14 / (remote) PHP file inclusion possible if old configuration.php
Previous by thread: scribe 0.2 local file inclusion vulnerability
Next by thread: [INFIGO-2008-02-13]: SOPHOS Email Security Appliance Cross Site Scripting Vulnerability
Index(es):
- Date
- Thread