Become a patron and gain access to the dashboard, Schedule scans, API and Search patron
Author
"Shahrukh Iqbal Mirza"
Platform
multiple
Release date
2020-12-02
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | # Exploit Title: Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile # Date: November 17th, 2020 # Exploit Author: Shahrukh Iqbal Mirza (@shahrukhiqbal24) # Vendor Homepage: Source Code & Projects (https://code-projects.org) # Software Link: https://download.code-projects.org/details/9dfede24-03cc-42a8-b319-f666757ac7cf # Version: 1.0 # Tested On: Windows 10 (XAMPP Server) # CVE: CVE-2020-28687 -------------------- Proof of Concept: -------------------- 1. Authenticate as a user (or signup as an artist) 2. Go to edit profile 3. Upload a php-shell as profile picture and click update/save 4. Find your shell at 'http://<ip>/<base_url>/pictures/profile/<shell.php>' and get command execution |
Release Date | Title | Type | Platform | Author |
---|---|---|---|---|
2020-12-02 | "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork" | webapps | multiple | "Shahrukh Iqbal Mirza" |
2020-12-02 | "Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile" | webapps | multiple | "Shahrukh Iqbal Mirza" |
2020-10-01 | "MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)" | webapps | php | "Shahrukh Iqbal Mirza" |
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/49167/?format=json')
For full documentation follow the link above