Complaint Management System 1.0 Shell Upload

Complaint Management System version 1.0 suffers from a remote shell upload vulnerability.

MD5 | c7041ac8f36188440071c2ed76b5d17b

# Title: Complaint Management System v1.0- unrestricted file upload leading to RCE
# Exploit Author: Mohamed Elobeid (0b3!d)
# Date: 2020-08-21
# Vendor Homepage:
# Software Link:
# Tested On: Windows 10 Pro 1909 (x64_86) + XAMPP 3.2.4
# Description: Users can upload php files and then can execute these file from the url http://target/Complaint%20Management%20System/users/complaintdocs/phpinfo.php leading to RCE .


1-create phpinfo.php with the content "<?php phpinfo(); ?>""
2-login as a normal user, register a new compliant and attach phpinfo.php
3--browse your submitted complaint and view the attached file


Related Posts