More fatal vulnerabilities found on Xtream UI

[JackFack]

Hello everybody, I have forgot to mention to the introduction that I am also a hacker and I have also found fatal vulnerabilities from Xtream UI. I won't recommend xtream UI to anyone because of those vulns. With them you will be able to login to the panel as an administrator by stealing the admin session and then steal all the streams. So be careful with Xtream UI!

EDIT: Vulnerability is reported

 

[guetteur]

Hi
I suggest that you communicate any vulnerability to the xui team and help others to use safe solution.
Regards.

 

[Delta19]

Hello everybody, I have forgot to mention to the introduction that I am also a hacker and I have also found fatal vulnerabilities from Xtream UI. I won't recommend xtream UI to anyone because of those vulns. With them you will be able to login to the panel as an administrator by stealing the admin session and then steal all the streams. So be careful with Xtream UI!

I wil also tel the same and other things ..........so .give a prove of it wat you are saying !!!of let the other do the great job

Regards

 

[Kenxo]

Hello everybody, I have forgot to mention to the introduction that I am also a hacker and I have also found fatal vulnerabilities from Xtream UI. I won't recommend xtream UI to anyone because of those vulns. With them you will be able to login to the panel as an administrator by stealing the admin session and then steal all the streams. So be careful with Xtream UI!

Before you are going to tell us this maybe good/bad info please read this and you can reward 1000 $ if you prove this what you are saying ..

Xtream UI - Login

GTA wrote ...........


Hi all,
So I'm soon going to release an update that fixes a few exploits, one that I found and one that another person sent me in an email as it was posted to a blog somewhere.

Neither exploit is for Xtream UI, both for Xtream Codes itself.

Okay so that brings me to the reward part, if anyone can give me a serious exploit for Xtream UI that works on the latest version I'll donate $1,000 to the cause.

By serious exploit I mean something that will grant me access to something important. Admin access to the panel, SQL injection etc. The exploit has to work from either not being logged in to the panel, or logged in as a reseller.

You get the gist.

Happy hunting.

 

[JackFack]

Before you are going to tell us this maybe good/bad info please read this and you can reward 1000 $ if you prove this what you are saying ..



GTA wrote ...........


Hi all,
So I'm soon going to release an update that fixes a few exploits, one that I found and one that another person sent me in an email as it was posted to a blog somewhere.

Neither exploit is for Xtream UI, both for Xtream Codes itself.

Okay so that brings me to the reward part, if anyone can give me a serious exploit for Xtream UI that works on the latest version I'll donate $1,000 to the cause.

By serious exploit I mean something that will grant me access to something important. Admin access to the panel, SQL injection etc. The exploit has to work from either not being logged in to the panel, or logged in as a reseller.

You get the gist.

Happy hunting.

I will report it as soon as possible, thank you.

 

[tomsaywer]

I will report it as soon as possible, thank you. Hopefully I get the $1000

Attention that you receive that value has to be demostated not only to come here to talk... because of conversations ...

 

[JoAodeDeUs]

Hacker friend, just a tip, I will repeat what our colleagues have already said above:
Prove to GTA what you are talking about, for sure he will disclose his 'discovery' with due credits, I know that GTA acts this way, and besides, you will be well known and you will still receive the amount / payment he offered!

 

[JackFack]

Hacker friend, just a tip, I will repeat what our colleagues have already said above:
Prove to GTA what you are talking about, for sure he will disclose his 'discovery' with due credits, I know that GTA acts this way, and besides, you will be well known and you will still receive the amount / payment he offered!

I have already written to him about the exploit method how it works and other information about it like what the bug is called. The first bug I found is the most harmful one, the second is less harmful. The second one is harmful because Xtream UI users forget to change something.

 

[Kenxo]

I have already written to him about the exploit method how it works and other information about it like what the bug is called. The first bug I found is the most harmful one, the second is less harmful. The second one is harmful because Xtream UI users forget to change something.

You are going now in the right direction and if GTA confirm this than I will be Thankful to you for this ...this will be another reason to make update as soon is possible ...

 

[wilson44]

I think Right now most of the exploits are gone, is that true?

 

[Kukaljcanin]

Not it’s even worse.