GITLAB-aituglo/CVE-2023-34960

GITLAB WORKING POC

Exploit for CVE-2023-34960 - Chamilo unauthenticated command injection in PowerPoint upload

AI Analysis

This repository contains a functional exploit for CVE-2023-34960, a command injection vulnerability in Chamilo LMS. The PoC leverages a SOAP API endpoint to execute arbitrary commands via crafted XML payloads.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Gitlab

Type poc

Files 2

https://gitlab.com/aituglo/CVE-2023-34960

Stars 0

Forks 0

Authors

Aituglo

Vulnerability

CVE-2023-34960

Chamilo unauthenticated command injection in PowerPoint upload

CRITICAL

CVSS 9.8