GHDB « Hackers For Charity


Google Search: filetype:cgi inurl:"fileman.cgi"

digitus rates this entry 6 out of 10.
Submitted: 2004-07-26 09:23:50
Added by: digitus
Hits: 3049
Score: 6

This brings up a lot of insecure as well as secure file managers. These software solutions are often used by companies offering a “simple” but “cost effective” way to manage files to their users who don’t know Unix or HTML. There is sometimes a problem with this specific file manager due to insecure use of the session ID, which can be found in the unprotected “fileman.log” log file. It has been reported that an attacker can abuse the last document-edit URL in the log file. Copying and pasting that line into a new window gives the attacker valid user credentials on the server, at least for a while (think hours, not seconds).


Comments:


5 Responses to “GHDB”

  1. Jack says:

    Does GHDB still get updated now?

  2. Johnny says:

    The GHDB is alive and well, updated through the ExploitDB: http://www.exploit-db.com/google-dorks.

  3. The Artist says:

    Hi Johnny, been a while since I last came. Aren’t you gonna update this website anymore???

  4. Johnny says:

    The GHDB is not updated and lives with the exploitdb: http://www.exploit-db.com. Please check out the awesome folks at Offensive Security as well: http://www.offensive-security.com!

  5. Velmurugan says:

    Are any offline viewable resources available for this product?
