exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Alexander Borg

WordPress Holding Pattern Theme Arbitrary File Upload

Posted Feb 24, 2015

Authored by Alexander Borg | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in all versions of the Holding Pattern theme found in the upload_file.php script which contains no session or file validation. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web server.

tags | exploit, web, php, file upload

advisories | CVE-2015-1172

SHA-256 | ee5df7dbf0ac4eac44f2ff30e728e5eeff13120951dead86a3ad506611178a0b

Download | Favorite | View

WordPress Holding Pattern 0.6 Shell Upload

Posted Feb 6, 2015

Authored by Alexander Borg

WordPress Holding Pattern theme version 0.6 suffers from a remote shell upload vulnerability.

tags | advisory, remote, shell

advisories | CVE-2015-1172

SHA-256 | 4503be5e6f6cad5fb8d27275f1d74553eea67b809e8d1c508e90a7b2d37b7114

Download | Favorite | View