eClass LMS version 2.6 suffers from a remote shell upload vulnerability.
821f038a5aea7535d29976f21a3178c0ea90e27337c64e36e72aa2b0fe9737ae
<--
# Exploit Title: eClass - Learning Management System Arbitrary File Upload
# Google Dork: N/A
# Date: 30/11/2020
# Exploit Author: Sohel Yousef - sohel.yousef@yandex.com
# Software Link: https://mediacity.co.in/eclass
# Software Link 2: https://codecanyon.net/item/eclass-learning-management-system/25613271
# Software Demo: https://mediacity.co.in/eclass/demo/public/
# Version: ( Version 2.6 )
# Category: webapps
1. Description
The eClass learning script contains an arbitrary file upload vulnerability.
A registered user can upload .php files in the profile picture section
without any security checks.

Profile link:
localhost/eclass/demo/public/profile/show/

Edit the profile photo, upload a PHP file, then use inspect element to find
the path of the uploaded file.

Uploaded file path:
localhost/eclass/demo/public/images/user_img/16067501901.php <---- random id

Right-click the photo and use inspect element to see the path.
#####
-->
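One way to close this class of bug on the server side, as an added example in plain PHP (not eClass's own code and not from the advisory author): the handler takes the type from the file bytes, re-encodes the image with GD, and chooses the stored name and extension itself. The function name, the `user_img` field name, the size limit and the destination path are assumptions.

```php
<?php
// Added example, not eClass code. Requires the fileinfo and GD extensions.
const MAX_BYTES = 2 * 1024 * 1024;                            // assumed size limit
const ALLOWED = ['image/jpeg' => 'jpg', 'image/png' => 'png']; // assumed allow list

// Hypothetical helper: validates one $_FILES entry, stores a re-encoded copy
// in $destDir and returns the server-generated file name.
function store_profile_photo(array $file, string $destDir): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if (filesize($file['tmp_name']) > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }

    // Type comes from the file bytes, never from the client-supplied
    // name or Content-Type header.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    $ext = is_string($mime) ? (ALLOWED[$mime] ?? null) : null;
    if ($ext === null) {
        throw new RuntimeException('only JPEG and PNG are accepted');
    }

    // Decode and re-encode so the stored file is a fresh image written by GD,
    // not the uploaded bytes.
    $img = @imagecreatefromstring(file_get_contents($file['tmp_name']));
    if ($img === false) {
        throw new RuntimeException('not a decodable image');
    }

    // The server picks a random name and an allow-listed extension, so a
    // ".php" suffix in the original name can never reach the disk.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    $path = rtrim($destDir, '/') . '/' . $name;
    $ok = ($ext === 'png') ? imagepng($img, $path) : imagejpeg($img, $path, 90);
    if (!$ok) {
        throw new RuntimeException('could not write image');
    }
    return $name;
}

// Usage inside the request handler (field name and path are assumptions):
// $name = store_profile_photo($_FILES['user_img'], '/srv/eclass-uploads/user_img');
```

Configuring the web server so that nothing under the upload directory is executed as PHP adds a second layer if a validation step is ever bypassed.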