
Arbitrary File Upload Vulnerability in Vertical SlideShow


# Dork : inrul:/wp-content/uploads/vertical/1_uploadfolder/big/

# 1 Search Google Dork and Choose a Target
###########
Code exploit :
###########
https://pastebin.com/raw/4TA7zJvk
######
# 2 Upload Your File ==== File.html ######

# 3. Vulnerable? You will see this sign:
WP_Error Object ( [errors] => Array ( [invalid_image] => Array ( [0] => unable to open file `/tmp/magick-C-pK9cbg': No such file or directory @ error/constitute.c/ReadImage/583 ) ) [error_data] => Array ( [invalid_image] => /home4/swheeler/public_html/site/wp-content/uploads/vertical/277_uploadfolder/big/404.html ) ) Error

# 4. So the file is accessed at site.com/wp-content/uploads/vertical/277_uploadfolder/big/404.html

Demo :
http://ameliaearhartcontroversy.com/wp-content/plugins/wp-vertical-gallery/xml/cat_1.xml
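
Defender-side check, added here as an example and not part of the original post or of the plugin: the error output above shows the uploaded 404.html staying on disk under uploads/vertical/<N>_uploadfolder/big/ even though image processing failed, so this script walks a WordPress uploads directory and lists every file in those folders that is not a real image. The function names, the allowed extensions and the magic-byte list are assumptions made for the example.

```python
import os
import re
import sys

# Folder layout taken from the post: uploads/vertical/<N>_uploadfolder/big/
BIG_DIR = re.compile(r"vertical[/\\]\d+_uploadfolder[/\\]big$")

# Assumed allow-list for a slideshow: extensions and their leading bytes.
ALLOWED_EXT = {".jpg", ".jpeg", ".png", ".gif"}
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a")


def looks_like_image(path):
    """True only if both the extension and the first bytes match an image."""
    if os.path.splitext(path)[1].lower() not in ALLOWED_EXT:
        return False
    try:
        with open(path, "rb") as fh:
            return fh.read(8).startswith(IMAGE_MAGIC)
    except OSError:
        return False  # unreadable file: report it for manual review


def find_non_images(uploads_root):
    """Return sorted paths of non-image files in the slideshow 'big' folders."""
    hits = []
    for dirpath, _dirs, files in os.walk(uploads_root):
        if not BIG_DIR.search(dirpath):
            continue
        for name in files:
            full = os.path.join(dirpath, name)
            if not looks_like_image(full):
                hits.append(full)
    return sorted(hits)


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: audit_uploads.py /path/to/wp-content/uploads")
    for path in find_non_images(sys.argv[1]):
        print("non-image upload:", path)
```

Anything it reports in a big/ folder was stored without passing image validation and should be reviewed and removed.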

