Wordpress Salespresspro Theme File Upload Vulnerability

#-Title: Wordpress Salespresspro Theme File Upload Vulnerability
#-Author: unknown
#-Date: 18/01/2015
#- Vendor : Mark Dulisse
#- Link Download : sites.google.com/site/getsalespresspro20get/
#-Google Dork: inurl:wp-content/themes/Salespresspro
#- Tested on : Windows 7
#- Fixed in v2.0

Proof Of Concept :


Upload Shell > Buka di tab baru / lewat inspect elemen

Patch :

 baru / Simply cuman rename headerimgbgblog-upload.php jadi headerimgbgblog-upload.txt
have a problem ? let's talk together in 3xploi7 bug Messenger
Open My Youtube Channel
Next Post »
Thanks for your comment