批踢踢實業坊
›
看板
Bugtraq
關於我們
聯絡資訊
返回看板
發信人
anon.e.mouse@gmail.com,
看板
Bugtraq
標 題
Re: local bug :[xxs] in whm
發信站
NCTU CSIE FreeBSD Server (Fri Feb 16 10:43:35 2007)
轉信站
ptt!FreeBSD.csie.NCTU!not-for-mail
This is also a straight up CSRF exploit as well -- the script does what it looks like it will do. Change the root user's mysql password with no interaction.