Wordpress Plugins Simple-e-commerce-shopping-cart DatabaseSQL Backup Disclosure Vulnerability - CXSecurity.com

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1632328 漏洞类型
发布时间 2019-06-16 更新时间 2019-06-16
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2019060103
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#################################
# Exploit Title: Wordpress Plugins Simple-e-commerce-shopping-cart DatabaseSQL Backup Disclosure Vulnerability
# Author Bug: L4663r666h05t x Indonesian Code Party
# Date: 15 Juny 2019
# Vendor: https://github.com/wp-plugins/simple-e-commerce-shopping-cart
# Dork: inurl:/wp-content/plugins/simple-e-commerce-shopping-cart/
#################################

File: database.sql
Location: http://localhost/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql
------------------------------------------------------------------

Impact:
An Attacker can view or download a database. Maybe an attacker can view
an username & password or only a backup data. But thats really dangerous.

------------------------------------------------------------------
Demo:
http://www.printforcardealers.com/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql
------------------------------------------------------------------