Update and rename wp-church-admin-lfi.yaml to vulnerabilities/wordpress/church-admin-lfi.yaml
parent
b0ce4b83cf
commit
5c80f9dc4c
|
@ -1,11 +1,14 @@
|
|||
id: wp-plugin-church-admin-lfi
|
||||
id: church-admin-lfi
|
||||
|
||||
info:
|
||||
name: Church Admin 0.33.2.1 - Unauthenticated Directory Traversal
|
||||
author: 0x_Akoko
|
||||
severity: high
|
||||
description: The "key" parameter of download.php from plugins/church-admin/display/download.php is not sanitized and is vulnerable to a directory traversal type of attack.
|
||||
reference:
|
||||
- https://wpscan.com/vulnerability/8997
|
||||
- https://id.wordpress.org/plugins/church-admin/
|
||||
tags: wordpress,wp-plugin,lfi
|
||||
reference: https://wpscan.com/vulnerability/8997
|
||||
|
||||
requests:
|
||||
- method: GET
|
Loading…
Reference in New Issue