Lucene search

siteman-pass.txt

🗓️ 27 Jan 2007 00:00:00Reported by CorryLType

packetstorm🔗 packetstormsecurity.com👁 21 Views

Remote vulnerability in Siteman 2.0.x2 allows attacker to reveal user passwords remotely.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

`-=[--------------------ADVISORY-------------------]=-  
  
Siteman 2.0.x2   
  
Author: CorryL [[email protected]]   
-=[-----------------------------------------------]=-  
  
  
-=[+] Application: Siteman 2.0.x2  
-=[+] Version: 2.0.x2  
-=[+] Vendor's URL: http://home.no.net/siteman/  
-=[+] Platform: Windows\Linux\Unix  
-=[+] Bug type: Remote Md5 Hash Disclosure Vulnerability  
-=[+] Exploitation: Remote  
-=[-]  
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~  
-=[+] Reference: www.x0n3-h4ck.org  
-=[+] Virtual Office: http://www.kasamba.com/CorryL  
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck   
  
  
..::[ Descriprion ]::..  
  
This is the home of the Siteman project,   
a content management system using the flat-file database system txtSQL for data storage.   
  
  
..::[ Bug ]::..  
  
exploiting this bug a remote attaker is able' to go up again to user name and admin password  
what they are found to the first position  
  
  
..::[ Proof Of Concept ]::..  
  
http://remote-server/db/siteman/users.MYD  
  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

27 Jan 2007 00:00Current

7.4High risk

Vulners AI Score7.4