Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2015-4455 PoC — WordPress Aviary Image Editor Add-on For Gravity Forms插件安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2015/CVE-2015-4455.yaml
Associated Vulnerability
Title:WordPress Aviary Image Editor Add-on For Gravity Forms插件安全漏洞 (CVE-2015-4455)
Description:WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台,该平台支持在PHP和MySQL的服务器上架设个人博客网站。Aviary Image Editor Add-on For Gravity Forms是其中的一个在Gravity Forms表单插件中集成了Adobe Creative SDK Photo/Image Editor(图像处理和编辑软件)的插件。 WordPress Aviary Image Editor Add-on For Gravity Forms插件3.0
Description
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in wp-content/uploads/gform_aviary.
File Snapshot

 id: CVE-2015-4455

info:
  name: WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Be

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.