Search the Community

Exploit Title : Wordpress Aaspose-pdf-exporter Plugin File Download Vulnerability Exploit Author : Ashiyane Digital Security Team Vendor Homepage: https://wordpress.org/plugins/aspose-pdf-exporter/ Download Link : https://downloads.wordpress.org/plugin/aspose-pdf-exporter.zip Date : 28 / 3 / 2015 Tested On : windows 8.1 + linux Kali ######################################### ######################################### ~ ~ ~~ ~ ~~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~~~~~~~~ ~~~~> Exploit: | | [+] Vulnerable file : 404 Not Found ~ ~ ~~ ~ ~~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~~~~~~~~ ~~~~> Vulnerable Code : <?php $file = $_GET['file']; $file_arr = explode('/',$file); $file_name = $file_arr[count($file_arr) - 1]; header ("Content-type: octet/stream"); header ("Content-disposition: attachment; filename=".$file_name.";"); header("Content-Length: ".filesize($file)); readfile($file); exit; ?> 404 Not Found[File Address] Examples : 404 Not Found ######################################### ######################################### Discovered by : Rq07 ######################################### Source: http://dl.packetstormsecurity.net/1503-exploits/wpaspose-disclose.txt