# Exploit Title: Digi Online Examination System Unrestricted File Upload Vulnerability # Date: 12-10-2014 # Exploit Author: Halil Dalabasmaz # Version: v2.0 # Software Link: http://codecanyon.net/item/digi-online-examination-system-does/8610180 # Software Test Link: http://s1.digitalvidhya.com/doesv2/ # Vulnerabilities Description: ===Unrestricted File Upload=== You can upload your shell from "Photo" section while register the system. And then chekc your shell from here; http://example.com/assets/uploads/images/shellname.php =Solution= Filter the files aganist to attacks.