2 matches found
WordPress wp-instance-rename 'mysqldump_download.php' plugin arbitrary file download vulnerability
WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. The WordPress wp-instance-rename 'mysqldumpdownload.php' plugin has an arbitrary file download vulnerability due to the program failing to adequately filter...
wp-instance-rename <= 1.0 - Arbitrary File Download
The wp-instance-rename WordPress plugin was affected by an Arbitrary File Download security vulnerability. PoC url --data "dbname=wp=/etc/passwdfolder=." http://www.example.com/wp-instance-rename/mysqldumpdownload.php -o p.zip...