Computer Security

Security Advisory: BTSaveMySql 1.2 (acces to config files)
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Phorum <= 3.2.11 (common.php) Remote File Include Vulnerability

  cutenews aj-fork <= 167f (cutepath) Remote File Include Vulnerability

  EasyPage Portal ( all ver )SQL Injection

From:sn0oPy.team_(at)_gmail.com <sn0oPy.team_(at)_gmail.com>
Date:06.12.2006
Subject:BTSaveMySql 1.2 (acces to config files)

* BTSaveMySql 1.2 (acces to config files)

* By : sn0oPy

* Risk : low

* Site : http://www.google.fr/search?hl=fr&q=%22BT-SaveMySql%22&btnG=Reche
rcher&meta=


* exploit :

dork : intitle:"Extranet: Sauvegarde des Tables"

to have all acces to the config and save files. (no robot(s).txt with restriction present + no
.htacces)

* contact : sn0oPy@avenir-geopolitique.net

* greetz : [subzero], Avg Team(forums.avenir-geopolitique.net), Lhma9.
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server