CVE-2005-1426

Uapplication Ublog Reload - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-1426. PoCs published by Cyber-Zone.

AI-analyzed exploit summary This Perl script exploits an arbitrary database disclosure vulnerability in Ublog by directly accessing the 'mdb-database/blog.mdb' file. It retrieves the database file from the target server and displays its contents.

Description

Uapplication Ublog Reload stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for mdb-database/blog.mdb (aka mdb-database/blog.msb).

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cyber-Zone · perlwebappsasp

https://www.exploit-db.com/exploits/8610

View Code ZIP pw:eip

This Perl script exploits an arbitrary database disclosure vulnerability in Ublog by directly accessing the 'mdb-database/blog.mdb' file. It retrieves the database file from the target server and displays its contents.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Ublog (version not specified)

No auth needed

Prerequisites: Target server must have the vulnerable Ublog installation with the database file accessible via direct URL

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/8610

Exploit vdb-entry x_refsource_osvdb

http://www.osvdb.org/15996

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/20314

Exploit vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1013830

Scores

EPSS 0.0154

EPSS Percentile 71.6%

Details

CWE

CWE-264

Status published

Published May 03, 2005

Tracked Since Feb 18, 2026