CVE-2012-3576 PoC — WordPress ‘wpStoreCart’插件无限制文件上传漏洞

Source

https://github.com/Ydvmtzv/wpstorecart-exploit

Associated Vulnerability

Title:WordPress ‘wpStoreCart’插件无限制文件上传漏洞 (CVE-2012-3576)
Description:WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress中的wpStoreCart插件2.5.30之前版本中的php/upload.php中存在无限制文件上传漏洞。远程攻击者可利用该漏洞通过上传可执行扩展文件执行任意代码，然后通过直接请求到uploads/wpstorecart文件访问它。

Description

Simple PoC of wpstorecart before 2.5.30 plugin exploit (CVE-2012-3576) written in bash.

Readme

Simple PoC of wpstorecart before 2.5.30 plugin exploit (CVE-2012-3576) written in bash.

File Snapshot


 [4.0K]  /data/pocs/a664543080aeed0ca1f3e96d373ad50f478af087
├── [ 34K]  LICENSE
├── [  89]  README.md
└── [ 379]  wpstorecart-exploit.sh

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!