################################################################################################# # Exploit Title : Designed By RONY IT CorporateSolutionBD Backup File Disclosure Vulnerability # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army # Date : 03/11/2018 # Vendor Homepage / Owner Social Media Link : corporatesolutionbd.com ~ facebook.com/r01715646441 # Tested On : Windows and Linux # Category : WebApps # Google Dork : intext:''Desgined by RONY IT'' site:bd # Exploit Risk : Medium # CWE : CWE-530 - [ Exposure of Backup File to an Unauthorized Control Sphere ] + CWE-552 - [ Files or Directories Accessible to External Parties ] + CWE-538 - [ File and Directory Information Exposure ] + CWE-200 - [ Information Exposure ] ################################################################################################# # About Company : Corporate Solution is a one of the market foremost latest technology solutions provider Company in Bangladesh which provides Secure, Scalable, On-Demand Solutions and Modern Technical Solutions with the slogan of “Innovate, Incorporate and Distinguish” to aid its customers worldwide advancing their business performance. # Backup File Disclosure Exploit : /backup.zip /cms.zip /cms2.tar /cms3.tar ################################################################################################# # Example Vulnerable Site => baghs1515.edu.bd/backup.zip ################################################################################################# # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team #################################################################################################