CVE-2020-24186 PoC — WordPress 代码问题漏洞

Source

https://github.com/meicookies/CVE-2020-24186

Associated Vulnerability

Title:WordPress 代码问题漏洞 (CVE-2020-24186)
Description:WordPress是WordPress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress wpDiscuz 7.0.4之前版本中存在远程代码执行漏洞，该漏洞允许攻击者上传任意文件。.

Description

WpDiscuz 7.0.4 Arbitrary File Upload Exploit

Readme

- chmod +x CVE-2020-24186
- ./CVE-2020-24186

![exp](https://i.ibb.co/rb0Vdgt/Screenshot-2021-08-13-184603.png)
![upshell](https://i.ibb.co/Gc328n6/Screenshot-2021-08-13-184711.png)

File Snapshot


 [4.0K]  /data/pocs/e5cf65f4fa5ecb07ab0fa5a8f4d46dde0865139e
├── [1.6K]  CVE-2020-24186
├── [ 182]  README.md
└── [ 373]  u.php

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!