Bugtraq mailing list archives

Web Directory Pro bypass Vulnerabilities

From: hack2prison () yahoo com
Date: 4 Nov 2006 01:58:50 -0000

Web Directory Pro is product of hostingfrenzy.com I check latest version and detect some security holes, attackers can 
backup database or re-config system:
1. Backup database:
http://[domain]/[path]/admin/backup_db.php
2. Re-config system:
http://[domain]/[path]/admin/options.php
Note: If IE cannot download bacup file, you can use firefox.
The vendor was fixed but more sites can exploit.

Current thread:

Web Directory Pro bypass Vulnerabilities hack2prison (Nov 04)