CVE-2019-15813

This exploit bypasses file upload restrictions in Sentrifugo 3.2 by authenticating and uploading a malicious PHP file, then executing commands via a web shell. It demonstrates a clear RCE vulnerability.

This exploit demonstrates a file upload restriction bypass in Sentrifugo 3.2, allowing authenticated users to upload malicious PHP files by manipulating the 'filename' and 'Content-Type' fields in a multipart form request, leading to remote code execution (RCE).

The repository lacks functional exploit code and instead provides default credentials and a reference to an external archive (resume.zip) for a reverse PHP shell, which is a common tactic for distributing malware or fake exploits.