This is a technical writeup describing an information leakage vulnerability in SimpleBlog 3.0, where the database file (simpleBlog.mdb) is exposed and can be downloaded to retrieve admin credentials. The steps outline how to exploit this misconfiguration.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:SimpleBlog 3.0
No auth needed
Prerequisites:Access to the target web server · Knowledge of the path to the database file