This exploit targets a backup vulnerability in Invision Power Board (Trial) v2.0.4, allowing unauthorized database backups via a crafted URL. The PoC demonstrates a direct request to the admin interface with specific parameters to trigger the backup functionality.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:Invision Power Board (Trial) v2.0.4
Auth required
Prerequisites:Access to the admin interface or a valid session ID (adsess parameter)