Complaint Management System version 1.0 suffers from a remote shell upload vulnerability.
63d4e5e9c6906bee7a22301f44672e940ded979d80a0a7d34b5a02e788cfe3c6************************************************************************************
# Title: Complaint Management System v1.0- unrestricted file upload leading to RCE
# Exploit Author: Mohamed Elobeid (0b3!d)
# Date: 2020-08-21
# Vendor Homepage: https://www.sourcecodester.com/php/14206/complaint-management-system.html
# Software Link: https://www.sourcecodester.com/download-code?nid=14206&title=Complaint+Management+System
# Tested On: Windows 10 Pro 1909 (x64_86) + XAMPP 3.2.4
# Description: Users can upload php files and then can execute these file from the url http://target/Complaint%20Management%20System/users/complaintdocs/phpinfo.php leading to RCE .
#POC
1-create phpinfo.php with the content "<?php phpinfo(); ?>""
2-login as a normal user, register a new compliant and attach phpinfo.php
3--browse your submitted complaint and view the attached file
************************************************************************************************
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed