尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
| 厂商 | 产品 | 影响版本 | CPE | 订阅 |
|---|---|---|---|---|
| ValvePress | Automatic | n/a ~ 3.92.0 | - |
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | None | https://github.com/truonghuuphuc/CVE-2024-27956 | POC详情 |
| 2 | PoC for wordpress takeover in CVE-2024-27956 | https://github.com/diego-tella/CVE-2024-27956-RCE | POC详情 |
| 3 | CVE-2024-27956 WORDPRESS RCE PLUGIN | https://github.com/X-Projetion/CVE-2024-27956-WORDPRESS-RCE-PLUGIN | POC详情 |
| 4 | None | https://github.com/FoxyProxys/CVE-2024-27956 | POC详情 |
| 5 | CVE-2024-27956 | https://github.com/k3ppf0r/CVE-2024-27956 | POC详情 |
| 6 | CVE-2024-27956 RCE POC WordPress | https://github.com/nancyariah4/CVE-2024-27956 | POC详情 |
| 7 | WordPress Auto Admin Account Creation and Reverse Shell cve-2024-27956 automates the process of creating a new administrator account in a WordPress site and executing a reverse shell on the target server. It utilizes the wp-automatic plugin's CSV injection vulnerability to execute SQL queries | https://github.com/AiGptCode/WordPress-Auto-Admin-Account-and-Reverse-Shell-cve-2024-27956 | POC详情 |
| 8 | None | https://github.com/W3BW/CVE-2024-27956-RCE-File-Package | POC详情 |
| 9 | WordPress Automatic Plugin <= 3.92.0 - SQL Injection | https://github.com/Cappricio-Securities/CVE-2024-27956 | POC详情 |
| 10 | None | https://github.com/itzheartzz/MASS-CVE-2024-27956 | POC详情 |
| 11 | Valve Press - CVE-2024-27956-RCE - SQL Injection | https://github.com/TadashiJei/Valve-Press-CVE-2024-27956-RCE | POC详情 |
| 12 | None | https://github.com/cve-2024/CVE-2024-27956-RCE | POC详情 |
| 13 | Perform with massive Wordpress SQLI 2 RCE | https://github.com/ThatNotEasy/CVE-2024-27956 | POC详情 |
| 14 | None | https://github.com/CERTologists/EXPLOITING-CVE-2024-27956 | POC详情 |
| 15 | Yaml PoC rule for fscan. | https://github.com/7aRanchi/CVE-2024-27956-for-fscan | POC详情 |
| 16 | The Automatic plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 3.92.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-27956.yaml | POC详情 |
| 17 | Attacks a vulnerable WordPress site with the wp-automatic plugin. Inserts a new user called eviladmin directly into the database (INSERT INTO wp_users). Searches for the ID of the newly created user (cyclic SELECT). Promotes eviladmin to Administrator (INSERT INTO wp_usermeta). | https://github.com/m4nInTh3mIdDle/wordpress-CVE-2024-27956 | POC详情 |
| 18 | CVE-2024-27956 - WP Automatic SQL Injection Exploit Tool | https://github.com/devsec23/CVE-2024-27956 | POC详情 |
| 19 | CVE-2024-27956 | https://github.com/0axz-tools/CVE-2024-27956 | POC详情 |
| 20 | Valve Press - CVE-2024-27956-RCE - SQL Injection | https://github.com/hitazuranahiro/Valve-Press-CVE-2024-27956-RCE | POC详情 |
未找到公开 POC。
登录以生成 AI POC暂无评论