CVE-2024-31819 PoC — WWBN AVideo 安全漏洞

Source

https://github.com/dream434/CVE-2024-31819

Associated Vulnerability

Title:WWBN AVideo 安全漏洞 (CVE-2024-31819)
Description:WWBN AVideo是WWBN团队的一个由PHP编写的视频平台建站系统。 WWBN AVideo v.12.4 到 v.14.2版本存在安全漏洞，该漏洞源于允许远程攻击者通过 SubmitIndex.php 组件的 systemRootPath 参数执行任意代码。

Description

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

Readme

# CVE-2024-31819
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

# Installation   🚀

<code>git clone https://github.com/dream434/CVE-2024-31819/</code>

<code>cd CVE-2024-31819</code>



<code>pip install -r requirements.txt</code>


<code>python exploit.py -url http://exemple.com </code>

#  Disclaimer ⚠️

This tool was created for educational purposes.

# Credit  💎

Chocapikk Orginal Poc

File Snapshot


 [4.0K]  /data/pocs/79b4f05f7878391c28bba7d8adf8e5f88f7ce20a
├── [2.0K]  exploit.py
├── [7.4K]  php_filter_chain.py
├── [ 520]  README.md
└── [  18]  requirements.txt

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!