CVE-2007-0760
Published: 2007-02-06
Priority: P3 · 42 · high · 7.5 (CVSS 2.0)
CVSS 2.0 vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 2.41% (82.0th percentile)
EQdkp 1.3.1 and earlier authenticates administrative requests by verifying that the HTTP Referer header specifies an admin/ URL, which allows remote attackers to read or modify account names and passwords via a spoofed Referer.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eqdkp | eqdkp | — | — |
No detection rules found.
Exploit-DB: Sentinel Protection Server 7.x/Keys Server 1.0.x - Backslash Directory Traversal
exploitdb · 2008-02-11 · CVE-2008-0760
---
source: https://www.securityfocus.com/bid/27735/info
Sentinel Protection Server and Keys Server are prone to a directory-traversal vulnerability because the software fails to sufficiently sanitize user-supplied input data.
Exploiting this issue may allow an attacker to access sensitive information that could aid in further attacks.
This issue affects Protection Server 7.4.1.0 and Keys Server 1.0.4; earlier versions may also be vulnerable.
NOTE: This issue may be caused by an incomplete security patch released in November 2007 that was documented in BID 26583 ('Sentinel Protection Server/Keys Server Directory Traversal Vulnerability').
GET /..\..\..\..\..\..\..\boot.ini HTTP/1.0
Exploit-DB: EQdkp 1.3.1 - 'Referer Spoof' Remote Database Backup
exploitdb · 2007-02-02 · CVE-2007-0760
---
Title: EQdkp <= 1.3.1 Referer Spoof to access to SQL Database
URL: http://www.eqdkp.com
Hook: "Powered by EQdkp"
Author: Eight10
Contact: [email protected]
Background: EQdkp is the largest DKP tracking program, utilized largely by the MMORPG community, with especially large use in the World of Warcraft community among guild/clan websites.
Discussion: A vulnerability exists in all current versions of EQdkp that allows one to spoof their referring URL to gain access to an integrated class-1 MySQL backup/restore program, which allows one to download and modify sensitive SQL data. The script only checks for authentication via the referring URL from the administration control panel. Note some sites have this functionality disabled/not installed. F
No writeups or analysis indexed.
References:
http://osvdb.org/33112
http://secunia.com/advisories/24038
http://www.securityfocus.com/bid/20805
https://exchange.xforce.ibmcloud.com/vulnerabilities/32152
https://www.exploit-db.com/exploits/3252