PHPVidz 0.9.5 remote database disclosure vulnerability

2010-05-19 / 2010-05-20

Credit: Michael Brooks

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Original Advisory:http://blog.sitewat.ch/2010/05/phpvidz-administrative-password.html
Affecting: phpvidz 0.9.5
Vulnerability: Administrative Password Disclosure
Vendor's Homepage: http://sourceforge.net/projects/phpvidz/
Date: May 15th 2010
Researcher: Michael Brooks
phpvidz does not use a SQL database. Instead it uses a system of flat files to maintain application state. The administrative password is stored within the following file and is included during runtime. Because this file has a .inc extension it is viewable by the attacker.
To exploit this issue visit this url:
http://localhost/phpvidz_0.9.5/includes/init.inc
By default the password is the following constant:
define ('ADMINPASSWORD' , '0000' );
This password can be used to login here (A username is not required):
http://localhost/phpvidz_0.9.5/admin.php

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

PHPVidz 0.9.5 remote database disclosure vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.