WordPress Caulk Path Disclosure

WordPress Caulk Path Disclosure: Posted Mar 4, 2013; Authored by Rafay Baloch; WordPress Caulk theme suffers from a path disclosure vulnerability.; tags | exploit, info disclosure; SHA-256 | 5bb291bc52e07e39d0bf262920b79fe90169e0ccde330097ce186083296ab508; Download | Favorite | View

WordPress Caulk Path Disclosure

*Title: Caulk Wordpress Theme Full Path Disclosure*

*Description:*

According to OWASP:

“Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the
path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain
vulnerabilities, such as using the load_file() (within a SQL Injection)
query to view the page source, require the attacker to have the full path
to the file they wish to view.”

*Proof of concept:*
http://localhost/wp-content/themes/Caulk/


*Fatal error: Call to undefined function get_header() in
/homepages/13/d229281523/htdocs/ShowOff/wp-content/themes/Caulk/index.php
on line 1*

Top Authors In Last 30 Days

Red Hat 263 files
indoushka 179 files
Jay Turla 150 files
Ubuntu 85 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 25 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,125)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,592)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,340)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,897)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,876)
UNIX (9,458)
UnixWare (188)
Windows (6,772)
Other

WordPress Caulk Path Disclosure

WordPress Caulk Path Disclosure

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

WordPress Caulk Path Disclosure

Share This

WordPress Caulk Path Disclosure

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems