# Exploit Title: wordpress plugin Cimy User Extra Fields Arbitrary File Upload Vulnerability
# Google Dork: inurl:"inurl:/wp-content/Cimy_User_Extra_Fields"
# Date: 07/18/2012
# Author: Crim3R
# plugin download Link : http://downloads.wordpress.org/plugin/cimy-user-extra-fields.2.3.7.zip
# Version: 2.3.7
# Tested on: all
========================================
you can find avatar upload in Registration form with extra fields 0r User's
profile with extra fields
witch is available for all types of users.
an attacker can upload shell in many ways like modifying Headers or ...
shell access :
http://wordpress/wp-content/Cimy_User_Extra_Fields/username/avatar.jpg.php
===============Crim3R@Att.Net===========
$home = http://Secure-Land.net
thanks to : 2MzRp - Mikili - Amir - 0x0ptim0us - iC0d3R - farbodmahini
and all Secure-land Members...