PawSecurity

Cameron Park Zoo - Vulns Revealed.

Oct 30th, 2014
The following leak is brought to you by Paw Security & .....
_____ ______ __ __ ______ ________ __ __ __ ______
/_____/\ /_____/\ /__/\/__/\ /_____/\ /_______/\ /_//_//_/\ /_____/\
\:::_ \ \\:::_ \ \\ \ \: \ \__\:::_ \ \\::: _ \ \\:\\:\\:\ \ \:::__\/
\:\ \ \ \\:(_) \ \\::\_\::\/_/\\:(_) \ \\::(_) \ \\:\\:\\:\ \ /: /
\:\ \ \ \\: ___\/ \_::: __\/ \: ___\/ \:: __ \ \\:\\:\\:\ \ /::/___
\:\_\ \ \\ \ \ \::\ \ \ \ \ \:.\ \ \ \\:\\:\\:\ \/_:/____/\
\_____\/ \_\/ \__\/ \_\/ \__\/\__\/ \_______\/\_______\/
#Op4Pawz & Paw Security; Knocking down one cage at a time.
#EmptyTheCages
########--------#########------##########-----######################-------------##################------######
[[-] Target: http://www.cameronparkzoo.com
[M] Website Not in HTTPS: http://www.cameronparkzoo.com
[I] Server: Apache
[L] Robots.txt Found: http://www.cameronparkzoo.com/robots.txt
[I] CMS Detection: Wordpress
[I] Wordpress Version: 4.0
[I] Wordpress Theme: cpz
[-] Searching Vulnerable Theme from ExploitDB website ...
[-] Enumerating Wordpress Usernames via "Author" ...
[-] Valid Usernames found:
[I] Forgotten Password Allows Username Enumeration: http://www.cameronparkzoo.com/wp-login.php?action=lostpassword
[M] Website vulnerable to XML-RPC Brute Force Vulnerability
[-] Default WordPress Files:
[I] http://www.cameronparkzoo.com/readme.html
[I] http://www.cameronparkzoo.com/license.txt
[I] http://www.cameronparkzoo.com/xmlrpc.php
[I] http://www.cameronparkzoo.com/wp-includes/images/crystal/license.txt
[I] http://www.cameronparkzoo.com/wp-includes/images/crystal/license.txt
[I] http://www.cameronparkzoo.com/wp-includes/js/plupload/license.txt
[I] http://www.cameronparkzoo.com/wp-includes/js/tinymce/license.txt
[I] http://www.cameronparkzoo.com/wp-includes/js/swfupload/license.txt
[I] http://www.cameronparkzoo.com/wp-includes/ID3/license.txt
[I] http://www.cameronparkzoo.com/wp-includes/ID3/readme.txt
[I] http://www.cameronparkzoo.com/wp-includes/ID3/license.commercial.txt
[I] http://www.cameronparkzoo.com/wp-content/themes/twentythirteen/fonts/COPYING.txt
[I] http://www.cameronparkzoo.com/wp-content/themes/twentythirteen/fonts/LICENSE.txt
########--------#########------##########-----######################-------------##################------######
[-] Searching Wordpress Plugins ...

[-] Searching Vulnerable Plugins from ExploitDB website ...
[I] Calendar
[M] EDB-ID: 35073
[M] EDB-ID: 27399 Date: 2013-08-07 Verified: No Title: Wordpress Booking Calendar 4.1.4 - CSRF Vulnerability
[M] EDB-ID: 25723 Date: 2013-05-26 Verified: Yes Title: Wordpress Spider Event Calendar Plugin 1.3.0 - Multiple Vulnerabilities
[M] EDB-ID: 21715 Date: 2012-10-03 Verified: Yes Title: Wordpress Plugin spider calendar Multiple Vulnerabilities
[M] EDB-ID: 10929 Date: 2010-01-02 Verified: Yes Title: Wordpress Events Plugin SQL Injection Vulnerability
########--------#########------##########-----######################-------------##################------######
[-] Searching Vulnerable Theme from ExploitDB website ...
[-] Searching Wordpress TimThumbs ...
########--------#########------##########-----######################-------------##################------######
[M] http://www.cameronparkzoo.com//wp-content/themes/magazinum/scripts/timthumb.php
[M] Timthumbs Potentially Vulnerable to File Upload: http://www.exploit-db.com/wordpress-timthumb-exploitation
[I] Checking for Directory Listing Enabled ...
[L] http://www.cameronparkzoo.com/wp-includes/
########--------#########------##########-----######################-------------##################------######

We are PawSecurity.
Leaders of many, followers of none.
Your #1 Animal Hacktivist Team.
@PawSecReturns - @ChezIsMe - @Non_Sec

root@pawsec:~# Out.