WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution

#Trace: A method for authorized users to obtain a webshell. Affected versions: <= 2.8.5; exploitability depends on the server environment.

Note:

WordPress allows authorised users to add an attachment to a blog post.
It does not properly sanitize the provided file before moving it to an
uploads directory.

http://seclists.org/fulldisclosure/2009/Nov/141

from: web安全手册 (Web Security Handbook)
