Zen Help Desk ==> Version 2.1 Bypass

2007-06-26
ID: 72003
CVE: None
Download vulnerable application: None
--/ INTRODUCTION --

*
*
* Advisory : Zen Help Desk ==> Version 2.1 Bypass/Database Download Vulnerability
* Release Date : 25 / 05 / 2007
* Application : Zen Help Desk ==> Version 2.1
* Impact : Remote
* Googledork : "CopyRight 2004  Zen Help Desk" ,allintitle:Zen Help Desk or 
* or"allinurl:trackrequest.asp"
* Author : Titanichacker
* Contact : the-modest-pirate (at) hotmail (dot) com [email concealed]
* Home page : http://Hack-Teach.org
*
*

--/ REPRODUCE --

# Attackers Can Authentication Bypass In This Product By Add The Following 
Files:
('/ZenHelpDesk.mdb') And Download The Database Which Contains Table Named 
[admin]
The admin Name And Password Inside

thanx

cold-zero & mohandko & tryag team & hack-teach & drbaka & arb-hawk

# www.Hack-Teach.com & mohandko.com & tryag.com
1-4-2 (www01)