PHP MySQL Banner Exchange 2.2.1 remote mysql database bug

2007.12.22

Credit: Arsalan kashan

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2007-6512

CWE: CWE-89

CVSS Base Score: 5/10

Impact Subscore: 2.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: None

Availability impact: None

Discovered by Arsalan kashan
email=arsalan1991 (at) gmail (dot) com [email concealed]
portal=PHP MySQL Banner Exchange
download=http://sourceforge.net/projects/banex
version=2.2.1
bug:
its store the mysql database setting in a .inc file and you can easily read it as a anonymous user
/script_path/inc/lib.inc
the you can connect to mysql database

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

PHP MySQL Banner Exchange 2.2.1 remote mysql database bug

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.