Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

2 vulnerabilities in BetaParticle
From: farhad koosha <farhadkey () yahoo com>
Date: 20 Mar 2005 06:34:43 -0000


BetaParticle (bp) is a ASP CMS ( Blog + Gallery ).
I found 2 vulnerabilities in BetaParticle.

* http://example.com/bp : is BP path !

1) BP Database Disclosure

For version < 3.0

Database path : http://example.com/bp/database/dbBlogMX.mdb

you can download it and disclose the administrator username and password .

Solution :
Move your DB to outside the web root and correct DB physical path .
---------------------------------------------------

For version >= 3.0

Database path : http://example.com/Blog.mdb
*And BP path must be : http://example.com/bp/

you can download it and disclose the administrator username and password .

Solution :
Move your DB to outside the web root and correct DB physical path .
---------------------------------------------------

2) Upload/Delete files and images without admin's password

For version =< 3.0

For uploading files go to upload.asp
http://example.com/bp/upload.asp

For deleting files go to myFiles.asp
http://example.com/bp/myFiles.asp

Solution :
Using BP V 4.0

  By Date           By Thread  

Current thread:
  • 2 vulnerabilities in BetaParticle farhad koosha (Mar 21)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]