Artworks Gallery 1.0 Shell Upload

Artworks Gallery 1.0 Shell Upload: Posted Nov 16, 2020; Authored by Shahrukh Iqbal Mirza; Artworks Gallery version 1.0 suffers from multiple remote shell upload vulnerabilities.; tags | exploit, remote, shell, vulnerability; advisories | CVE-2020-28688; SHA-256 | 05cc23392079332f733baecdf6b22052cb8e4f07f3e0a5d424bd1264ad458013; Download | Favorite | View

Artworks Gallery 1.0 Shell Upload

*Artworks Gallery - Arbitrary File Upload - RCE (Authenticated) - Edit
Profile*

# Exploit Title: Artworks Gallery - Arbitrary File Upload - RCE
(Authenticated) - Edit Profile
# Date: November 17th, 2020
# Exploit Author: Shahrukh Iqbal Mirza (@shahrukhiqbal24)
# Vendor Homepage: Source Code & Projects (https://code-projects.org)
# Software Link: ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL (
https://download.code-projects.org/details/9dfede24-03cc-42a8-b319-f666757ac7cf
)
# Version: 1.0
# Tested On: Windows 10 (XAMPP Server)
# CVE: CVE-2020-28687
-----------------------------------------------------------------------------------------------------------
*Proof of Concept:*
-----------------------------------------------------------------------------------------------------------
1. Authenticate as a user (or signup as an artist)
2. Go to edit profile
3. Upload a php-shell as profile picture and click update/save
4. Find your shell at 'http://<ip>/<base_url>/pictures/profile/<shell.php>'
and get command execution


----------

*Artworks Gallery - Arbitrary File Upload - RCE (Authenticated) - Add
Artwork*

# Exploit Title: Artworks Gallery - Arbitrary File Upload - RCE
(Authenticated) - Add Artwork
# Date: November 17th, 2020
# Exploit Author: Shahrukh Iqbal Mirza (@shahrukhiqbal24)
# Vendor Homepage: Source Code & Projects (https://code-projects.org)
# Software Link: ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL (
https://download.code-projects.org/details/9dfede24-03cc-42a8-b319-f666757ac7cf
)
# Version: 1.0
# Tested On: Windows 10 (XAMPP Server)
# CVE: CVE-2020-28688
-----------------------------------------------------------------------------------------------------------
Proof of Concept:
-----------------------------------------------------------------------------------------------------------
1. Authenticate as a user (or signup as an artist)
2. Click the drop down for your username and go to My ART+BAY
3. Click on My Artworks > My Available Artworks > Add an Artwork
4. Click on any type of artwork and instead of the picture, upload your
php-shell > click on upload
5. Find your shell at 'http://<ip>/<base_url>/pictures/arts/<shell.php>'
and get command execution

Top Authors In Last 30 Days

Red Hat 242 files
Ubuntu 57 files
Debian 22 files
LiquidWorm 15 files
Apple 9 files
Gentoo 8 files
Google Security Research 3 files
Alter Prime 3 files
Pierre Kim 2 files
Jann Horn 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,166)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,607)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,965)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,344)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,994)
UNIX (9,476)
UnixWare (188)
Windows (6,784)
Other

Artworks Gallery 1.0 Shell Upload

Artworks Gallery 1.0 Shell Upload

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Artworks Gallery 1.0 Shell Upload

Share This

Artworks Gallery 1.0 Shell Upload

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems