WordPress Exploit ;)
TimThumb PHP file inclusion
wp-content/plugins/category-grid-view-gallery/includes/timthumb.php
AllWebMenus WordPress Menu Plugin
wp-content/plugins/allwebmenus-wordpress-menu-plugin/actions.php
Count per Day
wp-content/plugins/count-per-day/map/map.php
Whois Search Plugin
wp-content/plugins/wordpress-whois-search/vendors/samswhois/samswhois.inc.php
WP Symposium A Social Network For WordPress
wp-content/plugins/wp-symposium/uploadify/upload_admin_avatar.php and wp-content/plugins/wp-symposium/uploadify/upload_profile_avatar.php
Newsletter Meenews
wp-content/plugins/meenews/inc/tpl/mee_editot_newsletter.php
WP e-Commerce Plugin
wp-content/plugins/wp-e-commerce/wpsc-merchants/chronopay.php
Filedownload
wp-content/plugins/filedownload/download.php
Annonces
wp-content/plugins/annonces/includes/lib/photo/uploadPhoto.php
Mailing List
wp-content/plugins/mailz/lists/lt.php or wp-content/plugins/mailz/lists/index.php
TheCartPress eCommerce Shopping Cart
wp-content/plugins/thecartpress/checkout/CheckoutEditor.php
Zingiri Web Shop
wp-content/plugins/zingiri-web-shop/fws/ajax/init.inc.php and wp-content/plugins/zingiri-web-shop/fwkfor/ajax/init.inc.php
Adsense Extreme
wp-content/plugins/adsense-extreme/adsensextremeadminpage.php
Enable Media Replace
Arbitrary file upload: the plugin checks the MIME type of the uploaded data instead of the file extension. One can upload a file that will be interpreted as a .gif and have the file extension .php and also work as a PHP script.
WP-RecentComments
wp-content/plugins/wp-recentcomments/core.php
Category Grid View Gallery
wp-content/plugins/category-grid-view-gallery/includes/timthumb.php