Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : F3-CMS FatFreeFramework 0.0.1 Database Disclosure
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 14/02/2019
- # Vendor Homepage : f3cms.ca ~ fatfreeframework.com
- # Software Download Link : github.com/vijinho/f3-cms/archive/dev-master.zip
- # Software Information Link : github.com/vijinho/f3-cms
- github.com/vijinho/f3-cms/blob/dev-master/docs/DATABASE.md
- # Software Version : 0.0.1 and higher versions.
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Vulnerability Type : CWE-16 [ Configuration ] ~ CWE-200 [ Information Exposure ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ####################################################################
- # Description about Software :
- ***************************
- F3 CMS is a Content Management System.
- The F3 CMS framework is a secure and robust, PHP-based coding platform.
- ####################################################################
- # Impact :
- ***********
- F3-CMS FatFreeFramework 0.0.1 and higher versions configuration file may potentially
- disclose sensitive information to remote attackers.
- The configuration file that F3-CMS FatFreeFramework 0.0.1 stored in folder /data/db/sql/.
- HTTP requests consisting of a single character will cause the software to
- disclose sensitive configuration information, including the password/database to the administrative web interface.
- This file is installed, by default, with world readable and possibly world writeable permissions enabled.
- This may have some potentially serious consequences as the configuration
- file also stores password information in plain text.
- This issue occurs because access controls on configuration files are not properly set.
- An attacker can exploit this issue to retrieve potentially sensitive information.
- Attackers can access config file via URL request. This may aid in further attacks.
- ####################################################################
- # Database Disclosure Exploit :
- **************************
- /data/db/sql/audit-archive.sql
- /data/db/sql/create.sql
- /data/db/sql/phinx.sql
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Add Comment
Please, Sign In to add comment