HomeAbout UsProducts
GEOINT - AI-Powered Geo Intelligence Platformpawnd — exploit development & memory triage
BlogOur Services
Automotive Security TestingIoT & Firmware TestingUAV & Drone SecurityWeb & Mobile Security
Trainings
Linux Usermode Exploitation 101
Contact
BLOG

CVE-2023-37152: Online Art gallery project 1.0 – Arbitrary File Upload (Unauthenticated)

June 16, 2023 ·

Blog / Blog

Affected Product

Online Art gallery project

Affected version

1.0

CVE ID

CVE-2023-37152

Vulnerability Type

Arbitrary File Upload (Unauthenticated)

Type

WEBAPPS

Description

Online Art Gallery Project 1.0 allows unauthenticated users to perform arbitrary file uploads via the adminHome.php page. Due to the absence of an authentication mechanism and inadequate file validation, attackers can upload malicious files, potentially leading to remote code execution and unauthorized access to the server.

Proof of Concept

To exploit this vulnerability, an attacker needs to do the following:

  1. Identify the URL of the target application where the Online Art gallery project is installed. For example, http://example.com
  2. Use the below exploit to upload a simple backdoor to the server:
python 51524.py http://example.com

After successful upload, check the following URL: http://example.com/images/Slidersimple-backdoor.php?c=whoami

References

EDB-ID

  • 51524

Exploit

Vendor Homepage

Software Link

CVE-2023-37152
← Previous

CVE-2023-36256: Online Examination System Project 1.0 – Cross-site request forgery (CSRF)

 Next →

Walkthrough: Config Editor app in Android

Access from the European Union/UK is restricted

This system is not offered to EU, UK, or EEA users.

This system is a non-EU research prototype and is not offered to individuals or entities within the European Union, United Kingdom, or European Economic Area. No services are provided to users in these jurisdictions, and no personal data from EU/UK/EEA data subjects is intended to be processed.