CVE-2024-31819 PoC — WWBN AVideo 安全漏洞

Source

https://github.com/Jhonsonwannaa/CVE-2024-31819

Associated Vulnerability

Title:WWBN AVideo 安全漏洞 (CVE-2024-31819)
Description:WWBN AVideo是WWBN团队的一个由PHP编写的视频平台建站系统。 WWBN AVideo v.12.4 到 v.14.2版本存在安全漏洞，该漏洞源于允许远程攻击者通过 SubmitIndex.php 组件的 systemRootPath 参数执行任意代码。

Description

An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

Readme

# CVE-2024-31819
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.

# Installation   🚀

<code>git clone https://github.com/Jhonsonwannaa/CVE-2024-31819/</code>

<code>cd CVE-2024-31819</code>



<code>pip install -r requirements.txt</code>


<code>python exploit.py -url http://exemple.com </code>

#  Disclaimer ⚠️

This tool was created for educational purposes.

File Snapshot


 [4.0K]  /data/pocs/b0ed914cd2cef085b5484b0ed1fe7ee73478f461
├── [1.8K]  exploit.py
├── [7.4K]  php_filter_chain.py
├── [ 486]  README.md
└── [  18]  requirements.txt

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!