Hack vBulletin 4.1.10 Admin Control Panel
When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.
.This vulnerability affects /admincp
.The impact of this vulnerability
.Possible sensitive information disclosure
Now I Will Tell You How To Hack Admin Cp
Password type input named
Code:
vb_login_password
from form named loginform with
Code:
action ../login.php?do=login
has autocomplete enabled.
IN That Way You Could Do Sql Injection
Other Vulnerabilty Found Also
The HTML comments of this page contain configuration information for Microsoft Frontpage Server Extensions. The configuration information includes the Frontpage version and may help an attacker to learn more about his target.
This vulnerability affects
Code:
/_vti_inf.html.
To Attack It
Code:
example.com/admincp/_vti_inf.html
Or Use That Way
Code:
example.com/_vti_inf.html
Enjoy
When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.
.This vulnerability affects /admincp
.The impact of this vulnerability
.Possible sensitive information disclosure
Now I Will Tell You How To Hack Admin Cp
Password type input named
Code:
vb_login_password
from form named loginform with
Code:
action ../login.php?do=login
has autocomplete enabled.
IN That Way You Could Do Sql Injection
Other Vulnerabilty Found Also
The HTML comments of this page contain configuration information for Microsoft Frontpage Server Extensions. The configuration information includes the Frontpage version and may help an attacker to learn more about his target.
This vulnerability affects
Code:
/_vti_inf.html.
To Attack It
Code:
example.com/admincp/_vti_inf.html
Or Use That Way
Code:
example.com/_vti_inf.html
Enjoy
0 comments:
Post a Comment