Exploits / Vulnerability Discovered : 2021-11-02 |
Type : webapps |
Platform : multiple
This exploit / vulnerability Codiad 2.8.4 remote code execution (authenticated) (4) is for educational purposes only and if it is used you will do on your own risk!
###################-------------------------##########################------------###################
# Proof of Concept: #
# #
# 1- login on codiad #
# #
# 2- go to themes/default/filemanager/images/codiad/manifest/files/codiad/example/INF/" directory #
# #
# 3- right click and select upload file #
# #
# 4- click on "Drag file or Click Here To Upload" and select your reverse_shell file #
# #
###################-------------------------#########################-------------###################
after that your file should be in INF directory, right click on your file and select delete,