header-logo
Suggest Exploit
vendor:
AWCM
by:
alnjm33
8,8
CVSS
HIGH
Database Download
532
CWE
Product Name: AWCM
Affected Version From: 2.1
Affected Version To: 2.1
Patch Exists: NO
Related CWE: N/A
CPE: awcm
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2010

AWCM

The vulnerability allows an attacker to download the database of the application by accessing the db_backup.php file. The attacker can then search for the admin credentials.

Mitigation:

Ensure that the db_backup.php file is not accessible to unauthorized users. Implement access control mechanisms to restrict access to the file.
Source

Exploit-DB raw data:

Subject:AWCM
Date: 6/1/21010
Author: alnjm33
version:2.1
Tested on: version:2.1
download: http://awcm.sourceforge.net/ar/
Home:sec-war.com<http://sec-war.com>
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::exploit::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
site/path/control/db_backup.php
u will download the database when download it

search for the admin

::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Greetz to :PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso -JaMbA -RoOt_EgY -jago-dz- XR57 all sec-war.com members

Navigation

Suggest Exploit

Services By CQR