mTheme Unus < 2.3 - Directory Traversal

The mTheme-Unus theme for WordPress, prior to version 2.3, contained a directory traversal flaw that let attackers access arbitrary files. This was possible by exploiting the files parameter in css/css.php with .. sequences. id: CVE-2015-9406 info: name: mTheme Unus 2.3 - Directory Traversal...

CVE-2015-9406

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

WordPress Theme mTheme-Unus < 2.3 LFI Vulnerability - Version Check

The WordPress theme mTheme-Unus, which comes with the WP Mobile Edition plugin, is prone to a local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

VulnCheck KEV: CVE-2015-9406

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

CVE-2015-9406

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

Directory traversal

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

CVE-2015-9406

CVE-2015-9406 affects the WordPress theme mTheme-Unus prior to version 2.3. The vulnerability is a directory traversal in the files parameter of css/css.php that allows reading arbitrary files. External sources in connected documents confirm this flaw and describe the impact as potential exposure...

EUVD-2015-9246

Directory traversal vulnerability in the mTheme-Unus theme before 2.3 for WordPress allows an attacker to read arbitrary files via a .. dot dot in the files parameter to css/css.php...

WordPress mTheme-Unus Local File Inclusion

Exploit Title: Wordpress themes mTheme-Unus LFI Vulnerability Date: 2015-09-27 Exploit Author: FullSecurity.org Google Dork: ilnurl:/wp-content/themes/mTheme-Unus/ Vendor Homepage: https://wordpress.org/ Tested on : Kali Linux Description : Wordpress Themes mTheme-Unus not filtering data so we ca...

WordPress mTheme-Unus Local File Inclusion Exploit

WordPress mTheme-Unus theme versions prior to 2.3 suffer from a local file inclusion vulnerability. Exploit Title: Wordpress themes mTheme-Unus LFI Vulnerability Date: 2015-09-27 Exploit Author: FullSecurity.org Google Dork: ilnurl:/wp-content/themes/mTheme-Unus/ Vendor Homepage:...

mTheme-Unus Theme - Local File Inclusion (LFI)

http://www.example.com/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php...

WordPress WP Mobile Edition Plugin 2.2.7 /wp-content/themes/mTheme-Unus/css/css.php 文件下载

影响： - WP Mobile Edition版本低于2.2.7有该漏洞。 - 首次启用WP Mobile Edition 插件之后，即使停用或删除该插件，漏洞也会一直存在。 - 即使升级插件，若已经启用过漏洞存在的版本，漏洞也同样存在。 - css.php用于压缩css文件，并不只存在于该插件之中，而是 https://github.com/mrclay/ 的开源代码，使用该文件的网站也存在该漏洞。 详情 插件下载地址：https://downloads.wordpress.org/plugin/wp-mobile-edition.2.2.7.zip...

Wordpress Plugin WP Mobile Edition 2.7 - Remote File Disclosure Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin 'WP Mobile Edition' Remote File Disclosure Vulnerability Date: April 11, 2015 Exploit Author: @LookHin Khwanchai Kaewyos Google Dork: inurl:?fdxswitcher=mobile Vendor Homepage:...

WordPress Theme mTheme-Unus < 2.3 LFI Vulnerability - Active Check

The WordPress theme mTheme-Unus, which comes with the WP Mobile Edition plugin, is prone to local file inclusion LFI vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

WP Mobile Edition <= 2.2.7 - Remote File Disclosure

The plugin is not filtering data in GET parameter 'files' in file 'themes/mTheme-Unus/css/css.php' PoC http://www.example.com/wp-content/themes/mTheme-Unus/css/css.php?files=../../../../wp-config.php...

WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure

WordPress Plugin WP Mobile Edition 2.7 - Remote File Disclosure Exploit Title: Wordpress Plugin 'WP Mobile Edition' Remote File Disclosure Vulnerability Date: April 11, 2015 Exploit Author: @LookHin Khwanchai Kaewyos Google Dork: inurl:?fdxswitcher=mobile Vendor Homepage:...