WordPress的橙色主题跨站请求伪造文件上传漏洞

没穿底裤 2019年12月31日22:06:20评论423 views字数 518阅读1分43秒阅读模式
摘要

发布日期:2013-11.3
发布作者:JJE Incovers漏洞类型:文件上传漏洞描述:利用方法
[php]
inurl:"/wp-content/themes/agritourismo-theme/"
inurl:"/wp-content/themes/bordeaux-theme/"
inurl:"/wp-content/themes/bulteno-theme/"
inurl:"/wp-content/themes/oxygen-theme/"
inurl:"/wp-content/themes/radial-theme/"
inurl:"/wp-content/themes/rayoflight-theme/"
inurl:"/wp-content/themes/reganto-theme/"
inurl:"/wp-content/themes/rockstar-theme/"
[/php]
跨站请求伪造文件上传漏洞利用及POC

发布日期:2013-11.3
发布作者:JJE Incovers

漏洞类型:文件上传

漏洞描述:

利用方法
[php]
inurl:"/wp-content/themes/agritourismo-theme/"
inurl:"/wp-content/themes/bordeaux-theme/"
inurl:"/wp-content/themes/bulteno-theme/"
inurl:"/wp-content/themes/oxygen-theme/"
inurl:"/wp-content/themes/radial-theme/"
inurl:"/wp-content/themes/rayoflight-theme/"
inurl:"/wp-content/themes/reganto-theme/"
inurl:"/wp-content/themes/rockstar-theme/"
[/php]
跨站请求伪造文件上传漏洞利用及POC

http://0day5.com/wp-content/themes/rockstar-theme/functions/upload-handler.php

Script :
[php]

Your File:

[/php]

  • 左青龙
  • 微信扫一扫
  • weinxin
  • 右白虎
  • 微信扫一扫
  • weinxin
没穿底裤
  • 本文由 发表于 2019年12月31日22:06:20
  • 转载请保留本文链接(CN-SEC中文网:感谢原作者辛苦付出):
                   WordPress的橙色主题跨站请求伪造文件上传漏洞http://cn-sec.com/archives/75294.html

发表评论

匿名网友 填写信息