CVE-2015-1579 PoC — WordPress Elegant Themes Divi主题目录遍历漏洞

Source

https://github.com/paralelo14/CVE-2015-1579

Associated Vulnerability

Title:WordPress Elegant Themes Divi主题目录遍历漏洞 (CVE-2015-1579)
Description:Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.

Readme

# CVE-2015-1579 - WP Revslider AFD

Exploit: Wordpress Slider Revolution Responsive <= 4.1.4:
  
    Vuln Date: 24/07/2014
    Exploit Author: anarc0der
    Version: Wordpress Slider Revolution Responsive <= 4.1.4
    CVE : CVE-2015-1579

How to:
  
    python3 xpl.py --url='target'
    
Targets examples PoC (Do not fuck them, to other people use as exemple):
    
    http://leyendahotel.com/
    http://www.adcmoura.pt/rail/
    http://softcor.com.br/

File Snapshot


 [4.0K]  /data/pocs/cb9254c9bfd399aefd8e0e90898a618bf7a8aff7
├── [ 456]  README.md
└── [2.9K]  xpl.py

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!