code-scan starred CVE-2021-29447

code-scan starred CVE-2021-29447
2021-04-30 23:20:20 Author: github.com(查看原文) 阅读量:280 收藏

1 branch 0 tags

Go to file

Code

Clone

Use Git or checkout with SVN using the web URL.

Latest commit

motikan2010 Update README.md

b2c20f5

Apr 18, 2021

Update README.md

b2c20f5

Git stats

4 commits

Files

Permalink

Failed to load latest commit information.

Type

Name

Latest commit message

Commit time

attacker

fix attacker/malicious_wav/index.js

Apr 17, 2021

Apr 16, 2021

Apr 16, 2021

Apr 18, 2021

Apr 16, 2021

README.md

Using

Step1. Run WordPress

$ make up-wp

Step2. Run Attacker web server

$ make up-mal

Step3. Generate malicious WAV file

$ make make-wav

Step4. Login to WordPress & Upload WAV file to New Media

Step5. decode

References

WordPress 5.6-5.7 - Authenticated XXE Within the Media Library Affecting PHP 8 Security Vulnerability

About

WordPress - Authenticated XXE (CVE-2021-29447)

Resources

Readme

Languages

文章来源: https://github.com/motikan2010/CVE-2021-29447
如有侵权请联系:admin#unsafe.sh