Unknown On 29/05/16


#####################################
#
# Exploit Title: Wordpress PHP Event Calendar Plugin - Arbitrary File Upload
# Google Dork: inurl:/plugins/php-event-calendar/
# Date: 02.04.2015
# Exploit Author: CrashBandicot (@DosPerl)
# Source Plugin: https://wordpress.org/plugins/php-event-calendar/
# Vendor HomePage: http://phpeventcalendar.com/
# Version: 1.5
# Tested on: MSwin
#
#####################################

# Path of File : /wp-content/plugins/php-event-calendar/server/classes/uploadify.php
# Vulnerable File : uploadify.php

# Exploit Script : http://pastebin.com/K6y71Gdd

# Path Shell : http://localhost/shell.php


Target :
http://www.advanz.org/wp-content/plugins/php-event-calendar/server/classes/uploadify.php

Leave a Reply

Subscribe to Posts | Subscribe to Comments