Headline
CVE-2022-37184: CVE-nu11secur1ty/vendors/mayuri_k/2022/Garage-Management-System-1.0-SFU at main · nu11secur1ty/CVE-nu11secur1ty
The application manage_website.php on Garage Management System 1.0 is vulnerable to Shell File Upload. The already authenticated malicious user, can upload a dangerous RCE or LCE exploit file.
Description:
The application manage_website.php on Garage-Management-System-1.0 is vulnerable to Shell File Upload. The already authenticated malicious user can upload a very dangerous RCE or LCE exploit file.
After this attack, he can share a lot of sensitive information or he can do more very bad things with this system. No matter what host it is, internal or external.
Status: Highly Vulnerable
Reproduce:
href
Proof and Exploit:
href