CVE-2018-6389 PoC — WordPress 安全漏洞

Source

https://github.com/rastating/modsecurity-cve-2018-6389

Associated Vulnerability

Title:WordPress 安全漏洞 (CVE-2018-6389)
Description:WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress 4.9.2及之前版本中存在安全漏洞。攻击者可通过使用较大的registered .js文件列表，创建请求来多次加载文件利用该漏洞造成拒绝服务（资源消耗）。

Description

A ModSecurity ruleset for detecting potential attacks using CVE-2018-6389

Readme

# modsecurity-cve-2018-6389
A ModSecurity ruleset for detecting potential attacks using CVE-2018-6389.

For more information, see https://www.rastating.com/protecting-wordpress-against-cve-2018-6389/

File Snapshot


 [4.0K]  /data/pocs/680b8ab7431bb984358ed81a7f25352fff257576
├── [ 167]  cve-2018-6389.conf
└── [ 200]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!