############################################################################ # Exploit Title : Web Wiz Forums 12.01 Database Backup Disclosure # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital Security Army # Date : 26/02/2019 # Vendor Homepage : webwiz.net # Software Download Link : webwiz.net/web-wiz-forums/forum-downloads.htm # Software Information Link : webwiz.net/company-info/about.htm # Software Affected Version : 6.34 - 9.64 and 12.01 and other previous versions # Tested On : Windows and Linux # Category : WebApps # Exploit Risk : Medium # Vulnerability Type : CWE-200 [ Information Exposure ] CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ] # PacketStormSecurity : packetstormsecurity.com/files/authors/13968 # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/ # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos ############################################################################ # Description about Software : *************************** Web Wiz Ltd. is a Green Hosting and Data Centre Services Provider offering a wide range of Eco-Friendly Data Centre Services, Green Web Hosting, Cloud and Dedicated Servers, Managed Servers and Domain Name Registration Services. Web Wiz provides services designed to help businesses and individuals communicate, measure, and support their operations worldwide. ############################################################################ # Impact : *********** Web Wiz Forum has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Forum application. Sensitive information that is contained in the database and stored in plaintext format may be revealed to the attacker. Information collected in this way may be used to aid in further attacks against the system. It should be noted that all versions of Web Wiz Forums have been reported prone to this vulnerability. The remote web server contains an ASP-PHP application that is affected by an information disclosure vulnerability. The remote server is running Web Wiz Site Forum, a set of ASP-PHP scripts to manage online forums. This release comes with a 'wwforum.mdb' database, usually located under 'admin', that contains sensitive information, such as the user passwords and emails. An attacker may use this flaw to gain unauthorized access to the affected application. ############################################################################ # Database Backup Disclosure Exploit : ********************************* VULNERABLESITE/[DOMAIN-ADDRESS.gov]/[PATH]/Forumo/admin/database/wwForum-backup.mdb VULNERABLESITE/[DOMAIN-ADDRESS.gov]/[PATH]/Forumo/admin/database/wwForum.mdb VULNERABLESITE/[DOMAIN-ADDRESS.gov]/[PATH]/forum/admin/database/wwForum.mdb ############################################################################ # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team ############################################################################