# Exploit Title: Responsive E-Learning System 1.0 - Unrestricted File Upload to RCE# Date: 2020-12-24# Exploit Author: Kshitiz Raj (manitorpotterk)# Vendor Homepage: https://www.sourcecodester.com/php/5172/responsive-e-learning-system.html# Software Link: https://www.sourcecodester.com/download-code?nid=5172&title=Responsive+E-Learning+System+using+PHP%2FMySQLi+with+Source+Code# Version: 1.0# Tested on: Windows 10/Kali Linux
Step 1-Login to the application with admin credentials.
Step 2- Click on Student or go to http://localhost/elearning/admin/student.php
Step 3- Click on Add Student and fill the required things.
Step 4- In image upload any php reverse shell.
Step 5- Visit "http://localhost/elearning/admin/uploads/"and select your uploaded PHP web shell.
