CVE-2020-24186

This is a functional exploit for CVE-2020-24186, targeting an unauthenticated file upload vulnerability in wpDiscuz 7.0.4. It uploads a PHP webshell and executes arbitrary commands via a crafted multipart request.

This exploit targets CVE-2020-24186, a file upload vulnerability in wpDiscuz 7.0.4, to upload a PHP reverse shell. It bypasses security checks by disguising the shell as an image file and leverages CSRF tokens for authentication.

This is a functional exploit for CVE-2020-24186, targeting a file upload vulnerability in the WordPress plugin wpDiscuz 7.0.4. It bypasses security checks to upload a PHP webshell, enabling remote code execution via a crafted multipart form request.

This PoC exploits CVE-2020-24186, an arbitrary file upload vulnerability in WordPress plugins, to achieve remote code execution (RCE). It uploads a malicious PHP payload disguised as a GIF file and provides options for an interactive webshell or reverse shell.

This PoC exploits CVE-2020-24186, an arbitrary file upload vulnerability in WP-Discuz 7.0.4, by uploading a malicious PHP shell. It automates the process of checking for vulnerable targets, extracting necessary tokens, and uploading the shell.

This PoC exploits CVE-2020-24186, a file upload vulnerability in a PHP application, allowing arbitrary file uploads leading to remote code execution. The `u.php` script demonstrates a simple file upload form that can be abused to upload malicious files.

This exploit leverages an unauthenticated arbitrary file upload vulnerability in WordPress plugin wpDiscuz 7.0.4. It uploads a PHP webshell disguised as an image file and provides interactive command execution.

This exploit leverages an unauthenticated file upload vulnerability in WordPress Plugin wpDiscuz 7.0.4 to upload a PHP webshell, enabling remote code execution. It bypasses security checks by disguising the payload as an image file.

This Metasploit module exploits an unauthenticated arbitrary file upload vulnerability in the WordPress wpDiscuz plugin (versions 7.0.0 to 7.0.4). It uploads a malicious PHP file disguised as a GIF image to achieve remote code execution.