header-logo
Suggest Exploit
vendor:
by:
Aria-Security Team
3.3
CVSS
LOW
Remote Database Download
CWE
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Remote Database Download

The vulnerability allows an attacker to remotely download databases from the target server. The attacker can access sensitive information such as admin credentials and other data stored in the databases.

Mitigation:

The vendor should implement proper access controls and secure the database files to prevent unauthorized access. Users are advised to ensure that their databases are not publicly accessible and to regularly update their systems with the latest security patches.
Source

Exploit-DB raw data:

#<Aria-Security Team>
#<Happy New Year!!>
#<Aria-Security.com For English>
#<Aria-Security.net For Parsi>
#Discovered: Aria-Security Team
#Vendor: http://mike.dewolfe.bc.ca/scripts/rblog/
#Risk: Low
#Type:Remote Database Download
#PoC:
#
#http://TARGET/path/data/admin.mdb
#http://TARGET/path/data/rblog.mdb
#
#Contact: advisory@aria-security.net

# milw0rm.com [2007-01-01]