WordPress Backup Guard Authenticated Remote Code Execution Exploit

Anon666Exp3rt 1K 2nd Sep, 2021

Plaintext 5.18 KB

copiar compartilhar raw download clone embed reportar print

Carregando, por favor espere...

Descrição

PHP | CVE-2021-24155 | remote exploits | This Metasploit module allows an attacker with a privileged WordPress account to launch a reverse shell due to an arbitrary file upload vulnerability in Wordpress plugin Backup Guard versions prior to 1.6.0. This is due to an incorrect check of the uploaded file extension which should be of SGBP type. Then, the uploaded payload can be triggered by a call to /wp-content/uploads/backup-guard/<random_payload_name>.php.

Para compartilhar este texto, copie esta URL e envie para os seus amigos

Dados do Texto RAW

Textos Recentes

MEGA PACK
HTML | 47 | há 1 hora
Little girls hidden videos
HTML | 126 | há 3 horas
Russian
HTML | 118 | há 3 horas
Sem título
HTML | 237 | há 8 horas
A Interactive cyoas list
HTML | 236 | há 9 horas
Arshal
HTML | 250 | há 11 horas
Sem título
HTML | 289 | há 12 horas

WordPress Backup Guard Authenticated Remote Code Execution Exploit

Código Embed

Informar Problema

Compartilhar

Idiomas do site