{-} Title => Subrion 3.X.X - Multiple Exploits
{-} Author => bRpsd (skype: vegnox)
{-} Date Release => 23 October, 2015
{-} Vendor => Subrion
Homepage => http://www.subrion.org/
Download => http://tools.subrion.org/get/latest.zip
Vulnerable Versions => 3.X.X
Tested Version => Latest, 3.3.5 on a Wamp Server.
{x} Google Dork:: 1 => "© 2015 Powered by Subrion CMS"
{x} Google Dork:: 2 => "Powered by Subrion CMS"
--------------------------------------------------------------------------------------------------------------------------------
The installation folder never get deleted or protected unless you deleted it yourself.
Which let any unauthorized user access the installation panel and ruin your website in just a few steps ..
--------------------------------------------------------------------------------------------------------------------------------
#######################################################################################
Vulnerability #1 : Reset Administrator Password & Database settings
Risk: High
File Path: http://localhost/cms/install/install/configuration/
#######################################################################################
#######################################################################################
Vulnerability #2 : Arbitrary File Download + Full Path Disclouser
Risk: Medium
File Path: http://localhost/cms/install/install/download/
Method: POST
Parameter (for file contents) : config_content
############################################
###########################################
Vulnerability #3 : Unauthorized Arbitrary Plugins Installer
Risk: Medium
File Path: http://localhost/cms/install/install/plugins/
##########################################
** SOLUTION ** ! :
Solution for all vulnerabilities is to delete the file located at:
/install/modules/module.install.php
H@PPY H@CK1NG !