Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

New exploit for new vulnerability in WordPress Plugin + tutorial

From: "Diego" <diego () diegoceldran es>
Date: Mon, 16 Jan 2017 15:17:13 +0100
Hi guys.

 

I foun’t a new vulnerabiliti in a wordpress plugin called: “Direct Download
for WooCommerce”.

 

This vulnerability allow you make an Remote LFI download, so, we can
download any in the server where we’re running this plugin, I foun’t this
vulnerability the last week and I reported this to Kameleon but i don’t know
if this bug is partched right now in a new versión.

 

I’ve been written an exploit to this plugin in Python. This exploit allow
you:

 

-          Test if the plugin exists in the server.

-          Download any file from the server where the WordPress plugin is
running.

-         Select any option by default or make your own personalized
download.

 

I published this exploit in my website today, here you’ve got the direct
link:

http://www.diegoceldran.es/producto/remote-lfi-for-direct-download-for-wooco
mmerce-up-to-v1-15/

 

Thanks for all!

 

-------- UPDATE --------

To see an completly tutorial about how to use this exploit you’ve got it in:

http://www.diegoceldran.es/how-to-use-exploit-remote-lfi-for-direct-download
-for-woocommerce-up-to-v1-15/

 


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: