Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-10033 PoC — PHPMailer 安全漏洞

Source
https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/Wordpress%204.6%20%E4%BB%BB%E6%84%8F%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20PwnScriptum.md
Associated Vulnerability
Title:PHPMailer 安全漏洞 (CVE-2016-10033)
Description:PHPMailer是一个用于发送电子邮件的PHP类库。 PHPMailer 5.2.18之前的版本中的isMail transport的‘mailSend’函数存在安全漏洞,该漏洞源于程序没有设置Sender属性。远程攻击者可利用该漏洞向邮件命令中传递额外的参数,并执行任意代码。
File Snapshot

 # Wordpress 4.6 任意命令执行漏洞 PwnScriptum

## 漏洞描述

参考:
- https://exploitbox.io/vuln/WordPress-Exploit-4-

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.