9 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Amentotech Workreap
CVE-2021-24499 Mass exploitation of CVE-2021-24499 unauthentic...
WordPress Workreap 2.2.2 Shell Upload
Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Date: 2023-06-01 Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author...
WordPress Workreap 2.2.2 Shell Upload Exploit
Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author: Mohammad Hossei...
WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
Exploit Title: WordPress Theme Workreap 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution Dork: inurl:/wp-content/themes/workreap/ Date: 2023-06-01 Category : Webapps Vendor Homepage: https://themeforest.net/item/workreap-freelance-marketplace-wordpress-theme/23712454 Exploit Author...
CVE-2021-24499
creationtimestamp| type| source ---|---|--- 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24499.yaml 2024-05-14 02:41:03+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/4293 2024-12-30...
WordPress Workreap Theme Remote Code Execution (CVE-2021-24499)
A remote code execution vulnerability exists in WordPress Workreap theme. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Exploit for Unrestricted Upload of File with Dangerous Type in Amentotech Workreap
CVE-2021-24499 Mass exploitation of CVE-2021-24499 unauthentic...
CVE-2021-24499 Workreap theme < 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
The Workreap WordPress theme before 2.2.2 AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp...
CVE-2021-24499
The CVE affects WordPress Workreap theme prior to 2.2.2. The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader do not perform nonce checks or validate the requester, allowing unauthenticated uploads to uploads/workreap-temp. Uploaded files were not sanitized, enabling...