automatic module_metadata_base.json update

2021-10-29 11:53:01 -05:00 · 2021-10-29 11:53:01 -05:00 · b04412132e
parent 43207ebf81
commit b04412132e
1 changed files with 60 additions and 0 deletions
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@ -35099,6 +35099,66 @@
    "session_types": false,
    "needs_cleanup": false
  },
+  "auxiliary_scanner/http/wp_bulletproofsecurity_backups": {
+    "name": "Wordpress BulletProof Security Backup Disclosure",
+    "fullname": "auxiliary/scanner/http/wp_bulletproofsecurity_backups",
+    "aliases": [
+
+    ],
+    "rank": 300,
+    "disclosure_date": "2021-09-17",
+    "type": "auxiliary",
+    "author": [
+      "Ron Jost (Hacker5preme)",
+      "h00die"
+    ],
+    "description": "The Wordpress plugin BulletProof Security, versions <= 5.1, suffers from an information disclosure\n          vulnerability, in that the db_backup_log.txt is publicly accessible.  If the backup functionality\n          is being utilized, this file will disclose where the backup files can be downloaded.\n          After downloading the backup file, it will be parsed to grab all user credentials.",
+    "references": [
+      "EDB-50382",
+      "CVE-2021-39327",
+      "PACKETSTORM-164420",
+      "URL-https://github.com/Hacker5preme/Exploits/blob/main/Wordpress/CVE-2021-39327/README.md"
+    ],
+    "platform": "PHP",
+    "arch": "php",
+    "rport": 80,
+    "autofilter_ports": [
+      80,
+      8080,
+      443,
+      8000,
+      8888,
+      8880,
+      8008,
+      3000,
+      8443
+    ],
+    "autofilter_services": [
+      "http",
+      "https"
+    ],
+    "targets": null,
+    "mod_time": "2021-10-12 18:43:41 +0000",
+    "path": "/modules/auxiliary/scanner/http/wp_bulletproofsecurity_backups.rb",
+    "is_install_path": true,
+    "ref_name": "scanner/http/wp_bulletproofsecurity_backups",
+    "check": false,
+    "post_auth": false,
+    "default_credential": false,
+    "notes": {
+      "Stability": [
+        "crash-safe"
+      ],
+      "Reliability": [
+
+      ],
+      "SideEffects": [
+        "ioc-in-logs"
+      ]
+    },
+    "session_types": false,
+    "needs_cleanup": false
+  },
  "auxiliary_scanner/http/wp_chopslider_id_sqli": {
    "name": "WordPress ChopSlider3 id SQLi Scanner",
    "fullname": "auxiliary/scanner/http/wp_chopslider_id_sqli",