8pixel.net 2009. Database Disclosure Vulnerability

vendor:

8pixel.net 2009

by:

LionTurk

7.5

CVSS

HIGH

Database Disclosure Vulnerability

200

CWE

Product Name: 8pixel.net 2009

Affected Version From: 8pixel.net 2009

Affected Version To: 8pixel.net 2009

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

8pixel.net 2009. Database Disclosure Vulnerability

The vulnerability exists due to the presence of a file named 'sb.mdb' in the '/App_Data/' directory, which contains the database information. An attacker can exploit this vulnerability by accessing the file directly via a web browser.

Mitigation:

The vulnerability can be mitigated by removing the 'sb.mdb' file from the '/App_Data/' directory.

Source

Exploit-DB raw data:

==============================================================================  

                      _      _       _          _      _   _  

                     / \    | |     | |        / \    | | | |  

                    / _ \   | |     | |       / _ \   | |_| |  

                   / ___ \  | |___  | |___   / ___ \  |  _  |  

                  /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|  

   

   

==============================================================================  

        [&#65533;] ~ Note : Forever RevengeHack.Com 

==============================================================================  

        [&#65533;] 8pixel.net 2009.  Database Disclosure Vulnerability  

==============================================================================  

   

    [&#65533;] Script:             [  8pixel.net 2009.  ]  

    [&#65533;] Language:           [ ASP ]  

    [&#65533;] Download:           [ http://www.8pixel.net/downloads.aspx ]  

    [&#65533;] Founder:            [ LionTurk -  Bylionturk@kafam1milyon.com (Mail G&#65533;nderenin aq... :D ]  

    [&#65533;] My Home:            [ RevengeHack.com , Ar-ge.Org]  

   

###########################################################################  

   

===[ Exploit And Dork  ]===  

   

    [&#65533;] http://[target].com/[path]/App_Data/sb.mdb



   [&#65533;] ( c ) 8pixel.net 2009. All Rights Reserved or 8pixel.net Blog v4 
   





Author:  LionTurk <-  

Thanks You: eXceptioN,CodeInside 
                                 I Love Fenerbah&#65533;e
                                 I Love T&#65533;rkiye
                                 I Love Mustafa K. ATAT&#65533;RK
                                 


###########################################################################