AhsanH1:153628Ian Dunn: [Not just a server configuration issue] Full Path Disclosure
Hey, I’ve just found a ‘full path disclosure’ in basic-google-maps-placemarks, so it’s not just a server configuration issue! I’ve tested it on different servers (including windows, ubuntu, CentOS etc…)
#PoC
So, if we visit wp-content/plugins/basic-google-maps-placemarks/unit-tests.php it is clearly disclosing the full path as you can see in the following links:
- http://jazzalajmi.com/espace-pro/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
- http://ywamnorthwoods.org/setapart/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
- http://www.t1fx.com/teamt1fx/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
- http://www.processinstruments.net/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
- http://faas-bh.com/001/03udruzene/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
- http://www.dominihost.com.br/1line/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
- http://www.dominihost.com.br/1line/wp-content/plugins/basic-google-maps-placemarks/unit-tests.php
And eventually, in my localhost too:
{F107116}
Well, not all websites using basic-google-maps-placemarks, have a server configuration issue, so it’s probably an issue in your plugin! :-)
###Impact:
Well, the possible impact is that if attacker gets into the server using other website, he might symlink and also get access to the site using that full path!
>> Request: Still if you are not going to fix this, please close as informativer
Cheers,
Ahsan