Online Student’s Management System 1.0 – Remote Code Execution (Authenticated)

• Exploit Database
• 106 阅读

• 作者： Akıner Kısa
  日期： 2020-10-19
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/48896/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

  # Exploit Title: Online Student's Management System 1.0 - Remote Code Execution (Authenticated) # Google Dork: N/A # Date: 2020/10/18 # Exploit Author: Akıner Kısa # Vendor Homepage: https://www.sourcecodester.com/php/14490/online-students-management-system-php-full-source-code-2020.html # Software Link: https://www.sourcecodester.com/sites/default/files/download/janobe/studentrecord_0.zip # Version: 1.0 # Tested on: XAMPP # CVE : N/A   Proof of Concept:   1 - Go to http://localhost/studentrecord/ url, click "click here to sign in" text and login with the 070101:070101 information.   2 - Then go to http: //localhost/studentrecord/my-profile.php and upload your shell file from the upload new photo section and click the update button.   3 - Finally, open your shell in http://localhost/studentrecord/staffphoto/shell.php