- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4844
- Проверка EDB
-
- Пройдено
- Автор
- HOUSSAMIX
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-0222
- Дата публикации
- 2008-01-06
Код:
######################################################################################
# AUTHOR : H-T TeaM {HouSSaMix _ ToXiC350} #
# HOME : http://no-hack.net #
# Script : Wordpress Plugin Wp-FileManager #
# Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip #
# BUG : Remote File Upload Vulnerability [ Shell Upload Exploit ] #
######################################################################################
(~)| 3xpl0it4t10n :
This file allowed you to upload directly a PHP script or anything you want it
You have just to enter into :
http://[TARGEt]/[path_wordpress]/wp-content/plugins/wp-filemanager/ajaxfilemanager/ajaxfilemanager.php
After uploading you evil script you will find it in this directory :
http://[TARGEt]/[path_wordpress]/uploaded/[evil].(php)
HeRe we are some dorks :
plugins/wp-filemanager/
inurl:/wp-filemanager/
# greezt : GoLd_M , RoMaNcYxHaCkEr , DDos , and all muslims Hackers
######################################################################################
# H-T TeaM {HouSSaMix _ ToXiC350} #
######################################################################################
# milw0rm.com [2008-01-06]
- Источник
- www.exploit-db.com