CVE-2007-1043: Ezboo WebStats Sensitive File Access Vulnerability

Key Information Vulnerability Summary Vulnerability Name: Ezboo webstats access to sensitive files Risk Level: Medium Local Exploit: No Remote Exploit: Yes CVE ID: CVE-2007-1043 CWE ID: CWE-Other CVSS Score Base Score: 7.5/10 Impact Subscore: 6.4/10 Exploitability Subscore: 10/10 Attack Complexity: Low Authentication Required: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial Vulnerability Details Discoverer: sn00Py Related Site: http://www.ezboo.com/softs Exploitation Method: - Simply append the following files to the URL: - http://www.target.ma/ezwebstats/update.php - http://www.target.ma/ezwebstats/config.php Search Queries (Dorks) Contact Information Contact: sn00Py (at) avenir-geopolitique (dot) net (email concealed) Reference Links http://forums.avenir-geopolitique.net http://forums.avenir-geopolitique.net/viewtopic.php?t=2674

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-1043: Ezboo WebStats Sensitive File Access Vulnerability