dEEpEst Posted November 4, 2017 Share Posted November 4, 2017 WP Mobile Detector Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-content/plugins/wp-mobile-detector/resize.php script does contains a remote file include for files not cached by the system already. By uploading a .php file, the remote system will place the file in a user-accessible path. Making a direct request to the uploaded file will allow the attacker to execute the script with the privileges of the web server. [HIDE-THANKS] This is the hidden content, please Sign In or Sign Up [/HIDE-THANKS] See more >>> http://level23hacktools.com/forum/showthread.php?t=39996 Link to comment Share on other sites More sharing options...
.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Hack Tools Resurrection
dEEpEst
Recommended Posts