Atrocore 1.5.25 Shell Upload

## Title: atrocore-1.5.25 User interaction - Unauthenticated File upload - RCE## Author: nu11secur1ty## Date: 02.16.2023## Vendor: https://atropim.com/## Software: https://github.com/atrocore/atrocore/releases/tag/1.5.25## Reference: https://portswigger.net/web-security/file-upload## Description:The `Create Import Feed` option with `glyphicon-glyphicon-paperclip`function appears to be vulnerable to User interaction -Unauthenticated File upload - RCE attacks.The attacker can easily upload a malicious then can execute the fileand can get VERY sensitive information about the configuration of thissystem, after this he can perform a very nasty attack.STATUS: HIGH Vulnerability CRITICAL[+]Payload:```PHP<?php  phpinfo();?>```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/atrocore/atrocore-1.5.25)## Reference:[href](https://portswigger.net/web-security/file-upload)## Proof and Exploit:[href](https://streamable.com/g8998d)## Time spend:00:45:00-- System Administrator - Infrastructure EngineerPenetration Testing EngineerExploit developer at https://packetstormsecurity.com/https://cve.mitre.org/index.htmlhttps://cxsecurity.com/ and https://www.exploit-db.com/0day Exploit DataBase https://0day.today/home page: https://www.nu11secur1ty.com/hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=                          nu11secur1ty <http://nu11secur1ty.com/>