Wordpressthemeshock.com Vunrable o.0

Status
Not open for further replies.

123max

Member
Original poster
member
Joined
Jul 12, 2010
Posts
1,454
Reaction score
182
Points
66
So i was browsing this awesome site has bundles and all etc. looking at the download links i checked out the sites robots.txt and just like the other time (the plugin site i made licenses for free from) it has no admin panel (sort of but it may have) .

Turns out you can modify there Premuim Templates showcase section and add a post :D

Warning to all Webmasters : Never EVER leave your site panel's without password protecting it since it can be vulnerable
also the owner forgot to delete his test files exposing his PHP Version (which ofc this guy didn't update and it has lots of vulnerabilities. And yeah if you get to their download section pls post it here, i don't have enough moneyz to buy it :D

TBN Release - NOTE: This is for educational purpose for TBN Webmasters so they can learn something and better test it, a Copy of the report has been sent to the real site owner so that no damage is done to the orignal site. All damages are not the responsibility of the exploit finder.

Attached to the thread is the TXT file of the report (its a manual report never tried on any vulnerability finder software :D)

Check it out guys :D
 

Attachments

  • Vun.txt
    1.5 KB · Views: 7

TheThirdOne

Senior
senior
member
Joined
May 4, 2011
Posts
445
Reaction score
22
Points
35
Location
In Trance
Thanks for the share, but maybe you should not have released the vulns, you never know ;)
 
Status
Not open for further replies.