NewsTraXor Website Management Script 2.9 Beta - Database Disclosure

EDB-ID:

24039

CVE:

N/A

EDB Verified:

Author:

CyberTal0n

Type:

webapps

Exploit:   /  

Platform:

ASP

Date:

2004-04-22

Vulnerable App:
Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED 

source: https://www.securityfocus.com/bid/10194/info

Reportedly NewsTraXor is affected by a remote database disclosure vulnerability. This issue is due to a design error that allows the database file to be globally readable.

This issue may allow a remote attacker to gain unauthorized administrative access to the affected web application.

www.example.com/news/Dbase/nTrax.mdb
Tags:
Advisory/Source: Link
Downloads Certifications Training Professional Services
Kali Linux OSCP Penetration Testing with Kali Linux (PWK) Penetration Testing
Kali NetHunter OSWP Advanced Web Attacks and Exploitation (AWAE) Advanced Attack Simulation
Kali Linux Revealed Book OSCE Offensive Security Wireless Attacks (WiFu) Application Security Assessment
OSEE Cracking the Perimeter (CTP)
OSWE Metasploit Unleashed (MSFU)
KLCP Free Kali Linux Training
Kali Linux Kali NetHunter Kali Linux Revealed Book
OSCP OSWP OSCE OSEE OSWE KLCP
Penetration Testing with Kali Linux (PWK) Advanced Web Attacks and Exploitation (AWAE) Offensive Security Wireless Attacks (WiFu) Cracking the Perimeter (CTP) Metasploit Unleashed (MSFU) Free Kali Linux training
Penetration Testing Advanced Attack Simulation Application Security Assessment