2020
06.05
06.05
This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload – Contact Form 7 for versions prior to 1.3.4. The allowed file extension list can be bypassed by appending a %, allowing for php shells to be uploaded. No authentication is required for exploitation.
No Comment.
Add Your Comment