[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

2532|Gigs <= 1.2.2 Arbitrary Database Backup/Download Vulnerability

Author
t0pP8uZz
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2892
Category
web applications
Date add
17-04-2008
Platform
unsorted
===================================================================
2532|Gigs <= 1.2.2 Arbitrary Database Backup/Download Vulnerability
===================================================================



--==+================================================================================+==--
--==+          2532|Gigs <= 1.2.2 Arbitrary Remote Database Backup/Download          +==--
--==+================================================================================+==--



Discovered By: t0pP8uZz
Discovered On: 18 April 2008
Script Download: http://www.2532gigs.com/?download=2532Gigs_stable
DORK: N/A

Vendor Has Not Been Notified!


DESCRIPTION: 
2532|Gigs does not validate a user in "backup.php" this means any user can visit and backup.
of course some GET variables are being used but thats all.

running the below url/path on a server that is running 2532|Gigs will make a backup of the database
and save it too "http://site.com/2532gigs/backup.sql"


Vulnerability:
http://site.com/2532gigs/backup.php?export=1


NOTE/TIP: 
you must be logged in to a ordinary user account for this too work!



#  0day.today [2024-11-15]  #