Today guy from InSecurity.Ro named sway1990 found again a critical vulnerability (MySQL Injection) in their website.
Some extracted informations:
- Version – ( 5.1.41-3ubuntu12.10 )
Main DB – ( c1eset )
HostName – ( web.axelsoft.ro )
User – ( c1eset@localhost )
DataBases:
- information_schema
c1eset
Tables of main db:
- concurs
country
eventsro
joom_banner
joom_bannerclient
joom_bannertrack
joom_categories
joom_components
joom_contact_details
joom_content
…
joom_core_log_searches
joom_groups,
joom_jce_extensions
joom_jce_groups
…
joom_users
joom_weblinks
jos__sessions
jos_banner
…
Administrator Account:
- username=admin
- password=51f9a6e361a03aee324bcc73fe8ab4a5:xt69awFsqAyvglBMcbtvq9HopIAnQ1jF
- email=emil@nod32.ro
- usertype=Super Administrator
News Source : Kai Farmer