WordPress "st_newsletter" Plugin Arbitrary File upload

2012-06-20T00:00:00
ID 1337DAY-ID-18739
Type zdt
Reporter Ashiyane
Modified 2012-06-20T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            IN THE NAME OF ALLAH 
					 
Title : WordPress "st_newsletter" Plugin Arbitrary File upload
By : Ashiyane Digital Security Team
Google Dork : inurl:"wp-content/plugins/st_newsletter/visual_editors/fckeditor/editor/filemanager/upload/"
Tested : Windows 7 / BT5


Exploit : 

In "Upload" Directory Find "test.html" file and Upload ur files ... :))

Mr.Cicili



#  0day.today [2018-01-02]  #