header-logo
Suggest Exploit
vendor:
Cold BBS
by:
ahmadbady
7.5
CVSS
HIGH
Database Disclosure
200
CWE
Product Name: Cold BBS
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Database Disclosure Vulnerability

A vulnerability in Cold BBS script allows an attacker to download the cforum.mdb database file from the server. The file can be downloaded from http://www.peachydandy.com/scripts/download.php?go=2&file=4&mirror=7

Mitigation:

Ensure that the cforum.mdb file is not accessible from the web server.
Source

Exploit-DB raw data:

****(Database Disclosure Vulnerability)****

script: Cold BBS
   
***************************************************************************
download from:http://www.peachydandy.com/scripts/download.php?go=2&file=4&mirror=7
   
***************************************************************************
www.site.com/path/db/cforum.mdb
   
***************************************************


Author: ahmadbady 

my mail: kivi_hacker666@yahoo.com

***************************************************

# milw0rm.com [2008-12-05]

Navigation

Suggest Exploit

Services By CQR