.. / CVE-2017-1000170

Exploit for WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion (CVE-2017-1000170)

Description:

WordPress Delightful Downloads Jquery File Tree versions 2.1.5 and older are susceptible to local file inclusion vulnerabilities via jqueryFileTree.

Nuclei Template

View the template here CVE-2017-1000170.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2017/CVE-2017-1000170.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2017-1000170
https://github.com/ARPSyndicate/cvemon
http://packetstormsecurity.com/files/161900/WordPress-Delightful-Downloads-Jquery-File-Tree-1.6.6-Path-Traversal.html
https://github.com/jqueryfiletree/jqueryfiletree/issues/66
https://www.exploit-db.com/exploits/49693