Flog version 1.1.2 suffers from a remote administrative password disclosure flaw.
2e4f7ad462b6365de8f6c4664fd8eccd0cf6de658459cca38c7282463a48f1d5-=[--------------------ADVISORY-------------------]=-
FLog 1.1.2
Author: CorryL [corryl80@gmail.com]
-=[-----------------------------------------------]=-
-=[+] Application: FLog
-=[+] Version: 1.1.2
-=[+] Vendor's URL: http://www.fluffington.com/index.php?page=flog
-=[+] Platform: Windows\Linux\Unix
-=[+] Bug type: Remote Admin Password Disclosure
-=[+] Exploitation: Remote
-=[-]
-=[+] Author: CorryL ~ corryl80[at]gmail[dot]com ~
-=[+] Reference: www.x0n3-h4ck.org
-=[+] Virtual Office: http://www.kasamba.com/CorryL
-=[+] Irc Chan: irc.darksin.net #x0n3-h4ck
..::[ Descriprion ]::..
FLog is a simple yet powerful weblog script that doesn't require a database to run.
Features include easy installation, comments, multiple users, links, categories,
and full plugin and theme APIs.
..::[ Proof Of Concept ]::..
http://remote_server/data/users.0.dat
..::[ Disclousure Timeline ]::..
[07/01/2007] - Public disclousure
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed