ROOT
FORUM ROOT
PORTAL ROOT
CYBER NAVIGATION
DÖKÜMANLAR
DÖKÜMAN EKLE
DOWNLOAD/DOSYA ARSIVI
BASINDA CW
CYBER ACADEMY
ORGANIZASYON
NELER YAPTIK?
OPERASYON YÖNETIM SISTEMI
GÖREV ORG. BASVURU
YÖNETICI BASVURU FORMU
MISYON
KURALLAR
KEFALET
KEFIL HAVUZU
MEMBER NAVIGATION
YENI ÜYE BASVURU
PROFIL
MEMBER NETWORK
SIFREMI UNUTTUM
ÖZEL MESAJLARIM
ONAY E-POSTA GÖNDER
Root
>
Exploits / Vulnerabilities
> File Upload PHP Code Execution
File Upload PHP Code Execution | Cyber-Warrior Information Technology's World
Madde
Author :
Bug Researchers
Date :
16.10.2015 08:25:07
#
File Upload PHP Code Execution
[Full Screen Display]
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : N4TuraL [~] E-Mail : n4tural.hackerz@hotmail.com [~] Twitter : https://twitter.com/byn4tural ########################################################### ~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |~Web App. : Wordfence Security Wordpress Plugin v.6.0.10 |~Vulnerable Type : Cross Site Scripting And File Upload PHP Code Execution |~RISK : High |~Software Author : https://www.wordfence.com/ ####################################################### ### Cross Site Scripting Error Line in ’wfAPI.php’ ### 2875: exit exit ($option_value); // wordfenceClass.php 2872: $option_value = $wpdb->get_var($wpdb->prepare(SELECT option_value FROM {$prefix}options WHERE option_name = %s, $option_name)); // wordfenceClass.php 2870: $prefix = $wpdb->get_blog_prefix($site_id); // wordfenceClass.php 2867: $site_id = !absint($_GET[’site_id’]) : get_current_blog_id(); // wordfenceClass.php 2868: $option_name = !$_GET[’option’] : false; // wordfenceClass.php ### File Upload PHP Code Execution Error Line in ’wfAPI.php’ ### 643: call_user_func $returnArr = call_user_func(’wordfence::ajax_’ . $func . ’_callback’); // wordfenceClass.php 642: $func = str_replace(’wordfence_’, ’’, $func); // wordfenceClass.php 636: $func = $_POST[’action’] : $_GET[’action’]; // wordfenceClass.php
Cyber-Warrior TIM All Legal and illegal Rights Reserved.\CWDoktoray 2001©
