Bugtraq mailing list archives
WWWboard password disclosure
From: r00t2000 () hush com
Date: 10 Mar 2007 08:56:44 -0000
//A vulnerability found in WWWboard that shows the administrative user names and passwords. Althought the password is hashed, It can easily be decoded. //Effected version(s): Version 2.0 ALPHA 2 //File name: passwd.txt //File location: http://victim/wwwboard/passwd.txt //Google dork: allinurl:wwwboard/passwd.txt //(Example, POC): http://people.ucsc.edu/~dcao/wwwboard/passwd.txt //NOTE: old vulnerability Thanks, r00t[ati]
Current thread:
- WWWboard password disclosure r00t2000 (Mar 10)