Exploit 2532/Gigs 1.2.2 - Arbitrary Database Backup/Download

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
5465
Проверка EDB
  1. Пройдено
Автор
T0PP8UZZ
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
cve-2008-6199
Дата публикации
2008-04-18
Код:
--==+================================================================================+==--
--==+          2532|Gigs <= 1.2.2 Arbitrary Remote Database Backup/Download          +==--
--==+================================================================================+==--



Discovered By: t0pP8uZz
Discovered On: 18 April 2008
Script Download: http://www.2532gigs.com/?download=2532Gigs_stable
DORK: N/A

Vendor Has Not Been Notified!


DESCRIPTION: 
2532|Gigs does not validate a user in "backup.php" this means any user can visit and backup.
of course some GET variables are being used but thats all.

running the below url/path on a server that is running 2532|Gigs will make a backup of the database
and save it too "http://site.com/2532gigs/backup.sql"


Vulnerability:
http://site.com/2532gigs/backup.php?export=1


NOTE/TIP: 
you must be logged in to a ordinary user account for this too work!


GREETZ: milw0rm.com, h4ck-y0u.org, CipherCrew !



--==+================================================================================+==--
--==+          2532|Gigs <= 1.2.2 Arbitrary Remote Database Backup/Download          +==--
--==+================================================================================+==--

# milw0rm.com [2008-04-18]
 
Источник
www.exploit-db.com

Похожие темы