mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-15 07:40:25 +02:00
0xMarcio
1.2 KiB
1.2 KiB
CVE-2016-1209
Description
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
POC
Reference
- http://packetstormsecurity.com/files/137211/WordPress-Ninja-Forms-Unauthenticated-File-Upload.html
- http://www.pritect.net/blog/ninja-forms-2-9-42-critical-security-vulnerabilities
- https://wpvulndb.com/vulnerabilities/8485
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/ACIC-Africa/metasploitable3
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Karma47/Cybersecurity_base_project_2
- https://github.com/aazard/Cyber_Security_Base_Project_II
- https://github.com/bharathkanne/csb-2
- https://github.com/maasikai/cybersecuritybase-project-2
- https://github.com/zhanpengliu-tencent/medium-cve