.. / CVE-2019-9618

Exploit for WordPress GraceMedia Media Player 1.0 - Local File Inclusion (CVE-2019-9618)

Description:

WordPress GraceMedia Media Player plugin 1.0 is susceptible to local file inclusion via the cfg parameter.

Nuclei Template

View the template here CVE-2019-9618.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-9618.yaml
Copy

References:

https://seclists.org/fulldisclosure/2019/Mar/26
https://www.exploit-db.com/exploits/46537
https://nvd.nist.gov/vuln/detail/CVE-2019-9618
http://seclists.org/fulldisclosure/2019/Mar/32
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9618