WordPress Smallbiz Themes Remote File Uploads Vulnerability

In XIAOMI 29 views
#- Title: WordPress Smallbiz Themes Remote File Uploads Vulnerability
#- Author: FullSecurity.org
#- Date: 09-02-2016
#- Developer : expand2web.com
#- Link Download : www.expand2web.com/smallbiz-theme/
#- Google Dork: inurl:”/themes/smallbiz/”
#- Fixed in Version : –
#- Tested on : Wessel
=======================================================
— Proof Of Concept —

Vulnerability : site/wp-content/themes/smallbiz/palette/index.php

require("cpg.php");

if( $_GET['image'] ) // selected image from bookmark or get form
$file = $_GET['image'];

if( $_FILES['userfile']['tmp_name'] ) // Upload detected captain!
handle_upload();
When Vulnerable : 

Method :
1. Go to site.com/wp-content/themes/smallbiz/palette/index.php
2. Upload your image
3. if succes, click image & open in new tab

Tags: #File Upload #RemoteFile #Wordpress

Download Pes 2018 Android Release APK terbaru
Download Pes 2018 Android Release APK terbaru
Download FTS Mod PES 2018 APK +
Summertime Saga 0.14.1 APK RELEASE [NEW UPDATE] Terbaru!!
Summertime Saga 0.14.1 APK RELEASE [NEW UPDATE] Terbaru!!
Summertime Saga APK v0.14.1 Terbaru– Rumah Android
4 Langkah Cara Menghapus Kontak Ganda di Android Terbaru
4 Langkah Cara Menghapus Kontak Ganda di Android Terbaru
4 Langkah Cara Menghapus Kontak Ganda di
Must read×

Top
error: Content is protected !!