Jul 12, 2012

Wordpress all Version full Path Disclosure Vulnerability By KinG Of PiraTeS

================================================================================
____ _    _    ____ _  _    ____ _  _ ___  ____ ____ 
|__| |    |    |__| |__|    |__| |_/  |__] |__| |__/    I Love Palestine
|  | |___ |___ |  | |  |    |  | | \_ |__] |  | |  \ 
                                                     
================================================================================
####
# Exploit Title: WordPress all Version full Path Disclosure Vulnerability
# Author: KinG Of PiraTeS
# GooGle+ : http://goo.gl/5RVFv
# Facebook Profile: www.fb.me/cr4ck3d
# Facebeook Page : www.fb.me/serial.crack
# Facebeook Page : www.fb.me/Cars2Luxe
# E-mail: t5r@hotmail.com / cr4ck3d@offdr5cax.dz
# Web Site : www.1337day.com | www.inj3ct0rs.com
# Category:: webapps
# Google Dork: intext:"powered by WordPress"
# platform : php
# Vendor: http://www.wordpress.com/
# Version: all
# Security Risk : Low ( Only for inforamtion )
# Tested on: [Windows 7 Edition Intégrale 64bit ]
####
 
==============

1)Exploit
=========

[~] P0c [~] :
============

Vuln file in :

http://Localhost/{Path}/wp-includes/registration-functions.php


[~] Vuln Code [~] :

---->

<?php

/**
 * Deprecated. No longer needed.

*
 
* @package WordPress
 
*/
_deprecated_file( basename(__FILE__), '2.1', null, __( 'This file no longer needs to be included.' ) );

?>


----->

There is no file to Call from the Function shown below


[~] D3m0 [~] :
=============


http://hotelsandhighways.com/blog/wp-includes/registration-functions.php?nulled=1337day
http://beavory.com/wp-includes/registration-functions.php?nulled=1337day
http://www.chateau-theme.com/wp-includes/registration-functions.php?nulled=1337day
 
Source: http://1337day.com/exploits/18958 



If you like my blog, Please Donate Me

No comments:

 

Sponsors

lusovps.com

Blogroll

About

 Please subscribe my blog.

 Old Subscribe

Share |