Wordpress Salespresspro Theme File Upload Vulnerability

#-Title: Wordpress Salespresspro Theme File Upload Vulnerability
#-Author: unknown
#-Date: 18/01/2015
#- Vendor : Mark Dulisse
#- Link Download : sites.google.com/site/getsalespresspro20get/
#-Google Dork: inurl:wp-content/themes/Salespresspro
#- Tested on : Windows 7
#- Fixed in v2.0
==========================================================================

Proof Of Concept :

http://site.com/wp-content/themes/salespresspro/headerimgbgblog-upload.php  

Upload Shell > Buka di tab baru / lewat inspect elemen

Patch :

 baru / Simply cuman rename headerimgbgblog-upload.php jadi headerimgbgblog-upload.txt
Saya tidak meminta satu rupiah pun dari anda, Tolong hargai Copyright konten yang ditulis oleh Admin, Jika ingin Copy-Paste tolong sertakan link sumber. Terimakasih :)
Open My Youtube Channel
Previous
Next Post »
Thanks for your comment