Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
5 php scripts remote database password disclosure
Jul 03 2006 07:42AM
gmdarkfig gmail com
#
# Title: 5 php scripts remote database password disclosure
# Date: Sun July 02 21:04 2006
# Credits: Security hole discovered by DarkFig (gmdarkfig (at) gmail (dot) com [email concealed])
# Problem: Database configuration is located in a .inc file(no protected by .htaccess file)
# Web: http://acid-root.new.fr
#
# VulnScr: Mp3netbox Beta 1
# Author: flymoon (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/projects/mp3netbox
# Exploit: http://[...]/config.inc
# VulnScr: efone <= 20000723
# Author: brush (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/projects/efone
# Exploit: http://[...]/config.inc
# VulnScr: Kamikaze-QSCM <= v0.1
# Author: ???@????.???
# Download: http://kamikaze-qscm.tigris.org/
# Exploit: http://[...]/config.inc
# VulnScr: Blueboy <= 1.0.3
# Author: mano (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/projects/bb-news
# Exploit: http://[...]/bb_news_config.inc
# VulnScr: Foros V.1.0
# Author: eupla (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/project/showfiles.php?group_id=14333&package_id=5
1342
# Exploit: http://[...]/inc/config.inc
#EOF
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
# Title: 5 php scripts remote database password disclosure
# Date: Sun July 02 21:04 2006
# Credits: Security hole discovered by DarkFig (gmdarkfig (at) gmail (dot) com [email concealed])
# Problem: Database configuration is located in a .inc file(no protected by .htaccess file)
# Web: http://acid-root.new.fr
#
# VulnScr: Mp3netbox Beta 1
# Author: flymoon (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/projects/mp3netbox
# Exploit: http://[...]/config.inc
# VulnScr: efone <= 20000723
# Author: brush (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/projects/efone
# Exploit: http://[...]/config.inc
# VulnScr: Kamikaze-QSCM <= v0.1
# Author: ???@????.???
# Download: http://kamikaze-qscm.tigris.org/
# Exploit: http://[...]/config.inc
# VulnScr: Blueboy <= 1.0.3
# Author: mano (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/projects/bb-news
# Exploit: http://[...]/bb_news_config.inc
# VulnScr: Foros V.1.0
# Author: eupla (at) users.sourceforge (dot) net [email concealed]
# Download: http://sourceforge.net/project/showfiles.php?group_id=14333&package_id=5
1342
# Exploit: http://[...]/inc/config.inc
#EOF
[ reply ]