Victor CMS 1.0 - File Upload To RCE

Adam

Administrator
Staff member
Jul 15, 2020
719
2
18
Credits
3,870
Points
3,440
Offline
# Exploit Title: Victor CMS 1.0 - File Upload To RCE
# Date: 20.12.2020
# Exploit Author: Mosaaed
# Vendor Homepage:
# Software Link:
# Version: 1.0

# Tested on: Apache2/Linux

Step1: register
step2: login as user
step3: Go to Profile
step4: upload imag as php file (upload shell.php)
step5: update user
step6: You will find your shell in img folder :/path/img/cmd.php


uid=33(www-data) gid=33(www-data) groups=33(www-data)
 
Thread starter Similar threads Forum Replies Date
A Victor CMS 1.0 - File Upload To RCE Database exploit 0
A Victor CMS 1.0 - File Upload To RCE Database exploit 0
A Victor CMS 1.0 - Multiple SQL Injection (Authenticated) Web hacking 0
GRANDGALAXY SJ Apps and Games Next Hour - Movie Tv Show & Video Subscription Portal Cms Web and Mobile App APPS SOURCE CODES 0
A CMS Made Simple 2.2.15 - RCE (Authenticated) Database exploit 0
A Subrion CMS 4.2.1 - 'avatar[path]' XSS Database exploit 0
A vB4-CMS-Article-to-WP-Post-Converter vBulletin Releases 0
A seo-cms Search Engine Optimization 0
A Grav CMS 1.6.30 Admin Plugin 1.9.18 - 'Page Title' Persistent Cross-Site Scripting Exploits and Tools 0
GRANDGALAXY SJ Active Workdesk CMS v1.3 PHP Development 0
GRANDGALAXY SJ Android Ecommerce v1.0.21 - Universal Android Ecommerce / Store Full Mobile App with Laravel CMS PHP Development 0
GRANDGALAXY SJ Active Matrimonial CMS v2.7 PHP Development 0
GRANDGALAXY SJ Consultine v1.6 - Consulting, Business and Finance Website CMS PHP Development 0
GRANDGALAXY SJ Next Hour v2.9 - Movie Tv Show & Video Subscription Portal Cms PHP Development 0
GRANDGALAXY SJ Nexelit v2.0 - Multipurpose Website & Business Management System CMS PHP Development 0
GRANDGALAXY SJ eBook v2.0.2 - Laravel CMS Script PHP Development 0
C Nulled Nexelit v2.0 - Multipurpose Website & Business Management System CMS PHP Development 0
GRANDGALAXY SJ emart v1.3 - Laravel Multi-Vendor Ecommerce Advanced CMS - nulled PHP Development 0
GRANDGALAXY SJ Active Workdesk CMS v1.1 - nulled PHP Development 0
GRANDGALAXY SJ Laravel Ecommerce v4.0.18 - Universal Ecommerce/Store Full Website with Themes and Advanced CMS/Admin Panel PHP Development 0
GRANDGALAXY SJ Active eCommerce CMS v3.3 - nulled PHP Development 0
GRANDGALAXY SJ Happy Wedding v2.1 - Personal Wedding & Invitation CMS PHP Development 0
GRANDGALAXY SJ PlusAgency v2.7 - Multipurpose Website CMS & Business Agency Management System - nulled PHP Development 0
GRANDGALAXY SJ Construct v1.1- Building and Construction Website CMS PHP Development 0
GRANDGALAXY SJ Nexelit v1.9 - Multipurpose Website & Business Management System CMS PHP Development 0
GRANDGALAXY SJ Superv v1.0 - Restaurant Website CMS & Management System with Food Order PHP Development 0
GRANDGALAXY SJ Porn Envato Elements File Downloader Other leaks 0
GRANDGALAXY SJ Porn x61 Mega.nz Hits with File Tree Capture Other leaks 0
GRANDGALAXY SJ Apps and Games Sentry File of Steam to CS:GO Bot APPS SOURCE CODES 0
GRANDGALAXY SJ Apps and Games ADVANCED KEYLOGGER [[ COSANOSTRA FULL SOURCE CODE LEAK + SQL FILE ]] [FROM SELLER] APPS SOURCE CODES 0
GRANDGALAXY SJ Apps and Games ANDROID TESTER V6.4.6 | ANDROID RAT, KEYLOGGER, FILE MANGER & MORE | + SOURCE CODE APPS SOURCE CODES 0
GRANDGALAXY SJ programs Dream AIO | File Binder Program Leaks 0
GRANDGALAXY SJ programs File Binder | File Pumper | Spoofer | Icon changer | Psychonix Tool Program Leaks 0
GRANDGALAXY SJ ES File Explorer File Manager v4.1.8.1 [Mod] APPS SOURCE CODES 0
GRANDGALAXY SJ X-plore File Manager v4.01.00 [Donate] APPS SOURCE CODES 0
GRANDGALAXY SJ Send Anywhere (File Transfer) v9.11.20 - Premium Unlocked APPS SOURCE CODES 0
GRANDGALAXY SJ Extracting Combos (Email:Pass) from any text file Monetizing Methods & Ebook Leaks 0
GRANDGALAXY SJ programs Trident File Locker builder! RANSOMWARE Program Leaks 0
GRANDGALAXY SJ Dumps [OLD]OGUSERS DATABASE (.TXT FILE) Dumps 0
GRANDGALAXY SJ MONEY 2020 Super-Affiliate’s Master Swipe File – $350 A Day Affiliate Marketing System Make money online 0
GRANDGALAXY SJ File-Upload Config For Sentry Mba 2019 With Proof By Me |New Back| Cracking Configs 0
A VENO FILE MANAGER V3.4.7 - HOST AND SHARE FILES Webmaster Resources 0
GRANDGALAXY SJ Thread Design WITH PSD FILE! Other leaks 0
A WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit) Database exploit 0
A WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit) Database exploit 0
A WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload Database exploit 0
A WordPress Plugin W3 Total Cache - Unauthenticated Arbitrary File Read (Metasploit) Database exploit 0
A WordPress Plugin Adning Advertising 1.5.5 - Arbitrary File Upload Database exploit 0
GRANDGALAXY SJ Avast Internet Security 18.6.3983 License File Program Leaks 0
A Alumni Management System 1.0 - Unrestricted File Upload To RCE Exploits and Tools 0
Similar threads