–/ INTRODUCTION –
- Advisory : Zen Help Desk ==> Version 2.1 Bypass/Database Download Vulnerability
- Release Date : 25 / 05 / 2007
- Application : Zen Help Desk ==> Version 2.1
- Impact : Remote
- Googledork : "CopyRight 2004 Zen Help Desk" ,allintitle:Zen Help Desk or
- or"allinurl:trackrequest.asp"
- Author : Titanichacker
- Contact : the-modest-pirate (at) hotmail (dot) com [email concealed]
- Home page : http://Hack-Teach.org
–/ REPRODUCE –
Attackers Can Authentication Bypass In This Product By Add The Following
Files:
('/ZenHelpDesk.mdb') And Download The Database Which Contains Table Named
[admin]
The admin Name And Password Inside
thanx
cold-zero & mohandko & tryag team & hack-teach & drbaka & arb-hawk
Play free games, earn tickets, get cool prizes! Join Live Search Club.
http://club.live.com/home.aspx?icid=CLUB_wlmailtextlink