CVE-2020-11819

This exploit leverages an arbitrary file upload vulnerability in Rukovoditel 2.6.1 to upload a malicious PHP file, then uses a Local File Inclusion (LFI) vulnerability to execute it, resulting in remote code execution (RCE). The script automates the process of uploading a reverse shell and triggering it via a crafted request.

This exploit leverages CVE-2020-11819 to achieve remote code execution in Rukovoditel < 2.7.1 via authenticated file upload and local file inclusion. It supports two attack modes: session fixation (CVE-2020-15946) or direct credential-based authentication.

This is a functional PoC for CVE-2020-11819 and CVE-2020-15946, targeting Rukovoditel CMS versions 2.4.x to 2.6.1. It exploits session fixation and local file inclusion to achieve remote code execution via a reverse shell.