CVE-2024-9047

The repository contains functional exploit code for multiple CVEs, including CVE-2026-22812, which demonstrates a command execution vulnerability in OpenCode. The PoC sends crafted requests to exploit the vulnerability and verify command execution via the 'id' command.

This repository contains a functional proof-of-concept exploit for CVE-2024-9047, targeting a directory traversal vulnerability in the WordPress File Upload plugin (versions <= 4.24.11). The exploit allows unauthenticated users to download arbitrary files from the server's filesystem via improper input validation in the wfu_file_downloader.php file.

This PoC exploits CVE-2024-9047, an arbitrary file read vulnerability in WordPress File Upload plugin versions <= 4.24.11. It checks for the vulnerability by attempting to read /etc/passwd via manipulated cookies and headers.

This is a functional exploit for CVE-2024-9047, targeting a path traversal vulnerability in the WordPress File Upload plugin (versions up to 4.24.11). It allows unauthenticated attackers to read arbitrary files on the server by manipulating cookies and POST data.

This Python script exploits an unauthenticated path traversal vulnerability in the WordPress WP File Upload plugin (versions <= 4.24.11) to read arbitrary files from the target system. It constructs a malicious request with crafted cookies to bypass restrictions and retrieve file contents.

The repository contains a README describing CVE-2024-9047, a vulnerability in WordPress File Upload Solution involving arbitrary file access and manipulation via wfu_file_downloader.php. No exploit code or technical details are provided.

The repository contains functional exploit code for CVE-2024-9047, targeting an arbitrary file upload vulnerability in the WordPress Plugin 3DPrint Lite 1.9.1.4. The exploit demonstrates the ability to upload a malicious file to a vulnerable target.