2 vulnerabilities in BetaParticle
BetaParticle (bp) is a ASP CMS ( Blog + Gallery ).
I found 2 vulnerabilities in BetaParticle.
* http://example.com/bp : is BP path !
1) BP Database Disclosure
For version < 3.0
Database path : http://example.com/bp/database/dbBlogMX.mdb
you can download it and disclose the administrator username and password .
Solution :
Move your DB to outside the web root and correct DB physical path .
---------------------------------------------------
For version >= 3.0
Database path : http://example.com/Blog.mdb
*And BP path must be : http://example.com/bp/
you can download it and disclose the administrator username and password .
Solution :
Move your DB to outside the web root and correct DB physical path .
---------------------------------------------------
2) Upload/Delete files and images without admin's password
For version =< 3.0
For uploading files go to upload.asp
http://example.com/bp/upload.asp
For deleting files go to myFiles.asp
http://example.com/bp/myFiles.asp
Solution :
Using BP V 4.0