- Wordpress TimThumb 2.8.13 WebShot - Remote Code Execution (0-day)
- [+] Description
- ============================================================
- TimThumb is a small php script for cropping, zooming and resizing web
- images (jpg, png, gif). Perfect for use on blogs and other applications.
- Developed for use in the WordPress theme Mimbo Pro, and since used in many
- other WordPress themes.
- http://www.binarymoon.co.uk/projects/timthumb/
- https://code.google.com/p/timthumb/
- The original project WordThumb 1.07 is also vulnerable (
- https://code.google.com/p/wordthumb/)
- They both share exactly the same WebShot code! And there are several
- projects that ship with "timthumb.php", such as:
- Wordpress Gallery Plugin
- https://wordpress.org/plugins/wordpress-gallery-plugin/
- IGIT Posts Slider Widget
- http://wordpress.org/plugins/igit-posts-slider-widget/
- All themes from http://themify.me/ contain a vulnerable "wordthumb" in
- "<theme-name>/themify/img.php".
- exploit : http://q9r.me/mbcz
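
To check an install against the file locations listed above, here is a sketch of an inventory scan. It is an added example, not part of the original advisory or of the TimThumb project. The `wordthumb.php` file name, the `define()` layout of `VERSION` and `WEBSHOT_ENABLED`, and the `timthumb-config.php` override are assumptions about the script's source, and the sample tree is constructed.

```python
import re
import tempfile
from pathlib import Path

# File names from the advisory; wordthumb.php is an assumed name for the original project.
CANDIDATES = {"timthumb.php", "wordthumb.php", "img.php"}
# Assumed source layout: define('VERSION', '...') and define('WEBSHOT_ENABLED', true|false).
VERSION_RE = re.compile(r"define\s*\(\s*['\"]VERSION['\"]\s*,\s*['\"]([^'\"]+)")
WEBSHOT_RE = re.compile(r"define\s*\(\s*['\"]WEBSHOT_ENABLED['\"]\s*,\s*(true|false)", re.I)


def inspect(path):
    """Describe one candidate file, or return None for an unrelated script."""
    src = path.read_text(encoding="utf-8", errors="replace")
    if not re.search(r"timthumb|wordthumb", src, re.I):
        return None
    # Assumption: a sibling timthumb-config.php is loaded first and overrides the defaults.
    cfg = path.with_name("timthumb-config.php")
    settings = (cfg.read_text(errors="replace") if cfg.is_file() else "") + src
    version, webshot = VERSION_RE.search(src), WEBSHOT_RE.search(settings)
    return {"path": path,
            "version": version.group(1) if version else "unknown",
            "webshot": webshot.group(1).lower() if webshot else "unknown"}


def scan(root):
    """Walk a WordPress tree and list every bundled TimThumb/WordThumb copy."""
    files = (p for p in Path(root).rglob("*.php") if p.name.lower() in CANDIDATES)
    return sorted(filter(None, map(inspect, files)), key=lambda h: str(h["path"]))


def demo():
    """Scan a constructed tree (sample files written here, not real plugin code)."""
    tmpl = ("<?php /* %s */ define ('VERSION', '%s'); "
            "if (!defined('WEBSHOT_ENABLED')) define ('WEBSHOT_ENABLED', false);")
    tree = {"plugins/gallery/timthumb.php": tmpl % ("TimThumb", "2.8.13"),
            "plugins/gallery/timthumb-config.php": "<?php define('WEBSHOT_ENABLED', true);",
            "themes/x/themify/img.php": tmpl % ("WordThumb", "1.07"),
            "themes/y/img.php": "<?php echo 'unrelated';"}
    with tempfile.TemporaryDirectory() as root:
        for rel, body in tree.items():
            target = Path(root, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_text(body)
        return [(h["path"].relative_to(root).as_posix(), h["version"], h["webshot"])
                for h in scan(root)]


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Point `scan()` at a `wp-content` directory; any hit whose version matches the advisory, or whose WebShot setting is `true` or `unknown`, is a copy to review, update or remove.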