cve/CVE-2019-10869.md at d265b01db84ea263ae08fa7d2c08cb82387c2083

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). This allows an attacker to traverse the file system to access files and execute code via the includes/fields/upload.php (aka upload/submit page) name and tmp_name parameters.

POC

Reference

https://wpvulndb.com/vulnerabilities/9272

Github

https://github.com/0xT11/CVE-POC
https://github.com/ARPSyndicate/cvemon
https://github.com/KTN1990/CVE-2019-10869
https://github.com/alphaSeclab/sec-daily-2019
https://github.com/developer3000S/PoC-in-GitHub
https://github.com/hectorgie/PoC-in-GitHub

1011 B Raw Blame History

CVE-2019-10869

Description

POC

Reference

Github

1011 B

Raw Blame History