Sakura-501

1 exploit Active since Aug 2020
CVE-2020-24186 NOMISEC CRITICAL WORKING POC
wpDiscuz 7.0-7.0.4 - Unauthenticated Remote Code Execution via File Upload
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action.
3 stars
CVSS 10.0