[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Web Directory Pro bypass Vulnerabilities

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Web Directory Pro bypass Vulnerabilities
From: hack2prison@xxxxxxxxx
Date: 4 Nov 2006 01:58:50 -0000

Web Directory Pro is product of hostingfrenzy.com I check latest version and 
detect some security holes, attackers can backup database or re-config system:
1. Backup database:
http://[domain]/[path]/admin/backup_db.php
2. Re-config system:
http://[domain]/[path]/admin/options.php
Note: If IE cannot download bacup file, you can use firefox.
The vendor was fixed but more sites can exploit.

Prev by Date: [OpenPKG-SA-2006.028] OpenPKG Security Advisory (php)
Next by Date: [OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind)
Previous by thread: [OpenPKG-SA-2006.028] OpenPKG Security Advisory (php)
Next by thread: [OpenPKG-SA-2006.029] OpenPKG Security Advisory (bind)
Index(es):
- Date
- Thread