Exploits / Vulnerability Discovered : 2023-05-13 |
Type : webapps |
Platform : php
This exploit / vulnerability Job portal 1.0 file upload restriction bypass is for educational purposes only and if it is used you will do on your own risk!
File Upload Restriction Bypass vulnerabilities were found in Job Portal
1.0. This allows for an authenticated user to potentially obtain RCE via
webshell.
2. Proof of Concept
1. Go the user profile >> (/jobportal/applicant/)
2.- Select profile image and load a valid image.
3. Turn Burp/ZAP Intercept On
4. Select webshell - ex: shell.png
5. Alter request in the upload...
Update 'filename' to desired extension. ex: shell.php
Not neccesary change content type to 'image/png'