Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unrestricted file upload vulnerability in WordPress 2.5.1 and earlier might allow remote authenticated administrators to upload and execute arbitrary PHP files via the Upload section in the Write Tabs area of the dashboard.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
WordPress Write标签任意文件上传漏洞
Vulnerability Description
WordPress是一款免费的论坛Blog系统。 WordPress的实现上存在输入验证漏洞,有管理员权限的远程攻击者可能利用此漏洞在服务器上执行任意命令。 当用户以管理器身份登录到WordPress后,就可以通过Write标签张贴标题、内容和上传文件。在Upload部分,用户可以向系统上传r57、c99等PHP脚本,所上传的脚本会出现在http://[target]/wp-content/uploads/[year]/[month]/file.php 。如果无法上传PHP脚本的话,会出现"File ty
CVSS Information
N/A
Vulnerability Type
N/A