EQSTLab
commented
3 weeks ago This issue occurs for the following reasons.
- For vulnerabilities that run in blind format, you can't get results by just typing commands. Try testing with OAST (Out-of-Band Application Security Testing) using a combination of "curl" and "Linux commands".
- WordPress images don't have netcat-traditional installed by default, so you can't run the nc command with the e option. Try installing netcat-traditional manually on your image or utilize a php command to connect a reverse shell.
When i try to run a netcat reverse shell command or a simple whoami command it did not work.
Also in the demo video it shows when the exploit successfully executed it shows as Exploited. Whereas i don't find any print command in the code which print Exploited after the successful execution of the exploit.