SweetRice 1.5.1 - Backup Disclosure ~ Tebing Tinggi Lamer

Title: SweetRice 1.5.1 - Backup Disclosure

Application: SweetRice

Versions Affected: 1.5.1

Vendor URL: http://www.basic-cms.org/

Software URL: http://www.basic-cms.org/attachment/sweetrice-1.5.1.zip

Discovered by: Ashiyane Digital Security Team

Tested on: Windows 10

Bugs: Backup Disclosure

Date: 16-Sept-2016

Proof of Concept :

You can access to all mysql backup and download them from this directory.

http://localhost/inc/mysql_backup

and can access to website files backup from:

http://localhost/SweetRice-transfer.zip

Tebing Tinggi Lamer

Do Not Using This Article For Criminal, This Article Just For Fun And Knowledge. Thanks

Friday, November 11, 2016

SweetRice 1.5.1 - Backup Disclosure

0 komentar:

Post a Comment