CVEs-PoC/2021/CVE-2021-25119.md at main

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00

Files

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

852 B

Raw Permalink Blame History

CVE-2021-25119

Description

The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE

POC

Reference

https://wpscan.com/vulnerability/47235989-d9f1-48a5-9799-fdef0889bf8a

Github

https://github.com/20142995/nuclei-templates

852 B Raw Permalink Blame History

CVE-2021-25119

Description

POC

Reference

Github

852 B

Raw Permalink Blame History