GHDB
GHDB
|
Google Search: intext:”Powered by flatnuke-2.5.3″ +”Get RSS News” -demo
FiZiX and klouw rates this entry 4 out of 10. Submitted: 2005-06-10 00:00:00 Added by: FiZiX and klouw Hits: 7874 Score: 4 Description of VulnerabilitiesMultiple vulnerabilities in FlatNuke have been reported, which can be exploited by remote users to trigger denial of service conditions, execute arbitrary PHP code, conduct Cross-Site Scripting attacks and disclose arbitrary images and system information.If the “/flatnuke/foot_news.php” script is accessed directly a while() call is made that enters an infinite loop, leading to full CPU utilisation.[..]User-supplied input passed to the “image” parameter in the “thumb.php” script is not correctly validated. This can be exploited to disclose arbitrary images from external and local resources via directory traversal attacks, or to disclose the installation path.It is also possible to disclose the system path by accessing certain scripts directly or specially formed parameters. Comments: |
Does GHDB still updates for now?
The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.
Hi Johnny,been a while since I’ve came last. Aren’t you gonna update this website anymore???
The GHDB is not updated and lives with the exploitdb: http://http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!
Is any offline view-able resources is available of this product ?