CVE-2023-4220
HIGH EXPLOITED NUCLEI
Chamilo v1.11.24 Unrestricted File Upload PHP Webshell
Title source: metasploit
Exploitation Summary
CVE-2023-4220 has been observed exploited in the wild (reported by VulnCheck KEV).
EIP tracks 31 public exploits from researchers including Mohamed Kamel BOUZEKRIA, Rai2en and Ziad-Sakr, among them a Metasploit module, exploits/linux/http/chamilo_bigupload_webshell.
A Nuclei detection template is also available.
AI-analyzed exploit summary
This exploit leverages an unrestricted file upload vulnerability in Chamilo LMS 1.11.24 to achieve unauthenticated remote code execution by uploading a PHP web shell and executing arbitrary commands via HTTP requests.
Description
Unrestricted file upload in the big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution by uploading a web shell.
Exploits (31)
This exploit leverages an unrestricted file upload vulnerability in Chamilo LMS 1.11.24 to achieve unauthenticated remote code execution by uploading a PHP web shell and executing arbitrary commands via HTTP requests.
This repository contains a functional exploit for CVE-2023-4220, an unauthenticated file upload vulnerability in Chamilo LMS. The exploit allows for remote code execution via webshell upload or reverse shell execution.
This repository contains a functional exploit for CVE-2023-4220, an unrestricted file upload vulnerability in Chamilo LMS <= v1.11.24. The exploit uploads a reverse shell file to the vulnerable endpoint and triggers it to achieve remote code execution.
This repository contains a functional exploit for CVE-2023-4220, which allows arbitrary file upload in Chamilo LMS. The exploit sends a POST request to a vulnerable endpoint to upload a webshell.
This repository contains a functional exploit script for CVE-2023-4220, which targets an unrestricted file upload vulnerability in Chamilo LMS <= 1.11.24. The script uploads a webshell via the vulnerable endpoint and sets up a listener for remote code execution.
This repository contains a functional exploit for CVE-2023-4220, an unrestricted file upload vulnerability in Chamilo LMS <= v1.11.24. The exploit leverages a flawed file upload mechanism in bigUpload.php to upload arbitrary files to a predictable directory.
This repository contains a functional Python exploit for CVE-2023-4220, an unrestricted file upload vulnerability in Chamilo LMS. The exploit uploads a PHP web shell to a vulnerable endpoint and triggers a reverse shell connection.
This repository contains a functional Python exploit for CVE-2023-4220, targeting an unauthenticated file upload vulnerability in Chamilo LMS <= 1.11.24. The exploit uploads a PHP web shell and executes arbitrary commands via HTTP requests.
This repository contains a functional exploit for CVE-2023-4220, an unauthenticated RCE vulnerability in Chamilo LMS. It includes a Python script and a Bash script that upload a malicious PHP file to achieve remote code execution via a reverse shell.
The repository provides a functional proof-of-concept for CVE-2023-4220, demonstrating an unauthenticated file upload vulnerability in Chamilo LMS. It includes a curl command to upload a malicious PHP file, leading to remote code execution.
This repository contains functional exploit code for CVE-2023-4220, an unauthenticated arbitrary file upload vulnerability in Chamilo LMS <= 1.11.24. The exploit uploads a PHP webshell via the BigUpload component and allows command execution or reverse shell acquisition.
This repository contains a functional exploit for CVE-2023-4220, targeting Chamilo LMS versions ≤ 1.11.24. The exploit automates the upload of a malicious PHP webshell via an unrestricted file upload vulnerability in the 'bigUpload' functionality, leading to remote code execution (RCE).
This repository contains a functional exploit for CVE-2023-4220, an unauthenticated file upload vulnerability in Chamilo <= 1.11.24. The exploit uploads a PHP webshell via a vulnerable endpoint and executes arbitrary commands.
This repository contains a functional exploit for CVE-2023-4220, targeting Chamilo LMS versions ≤ v1.11.24. The exploit leverages an unrestricted file upload vulnerability in `bigUpload.php` to achieve remote code execution by uploading and executing a reverse shell.
This repository contains a functional exploit for CVE-2023-4220, which targets a file upload vulnerability in the 'bigUpload.php' endpoint. The exploit uploads a malicious PHP file (reverse shell) and triggers its execution by accessing the uploaded file.
The repository contains a functional exploit for CVE-2023-4220, a file upload vulnerability in Chamilo <= 1.11.24. The exploit allows remote code execution by uploading a PHP webshell and triggering a reverse shell.
This repository contains a functional exploit for CVE-2023-4220, which leverages an unrestricted file upload vulnerability in Chamilo LMS <= v1.11.24 to achieve remote code execution. The exploit uploads a malicious PHP file via the bigUpload.php endpoint and executes it to either run arbitrary commands or establish a reverse shell.
This repository contains a functional exploit for CVE-2023-4220, an unauthenticated RCE vulnerability in Chamilo LMS <= 1.11.24. The exploit leverages insufficient file upload validation to upload a malicious PHP webshell or reverse shell payload.
The repository contains only a README.md file with the CVE identifier and no additional technical details or exploit code. It is a placeholder with minimal content.
This repository contains a functional exploit for CVE-2023-4220, an unauthenticated file upload vulnerability in Chamilo LMS <= v1.11.24. The exploit uploads a PHP reverse shell via the bigUpload functionality and triggers it to establish a reverse shell connection.
This repository contains a functional Python exploit for CVE-2023-4220, targeting Chamilo LMS versions before 1.11.24. The exploit leverages an unauthenticated file upload vulnerability to achieve remote code execution via webshell or reverse shell payloads.
This repository contains a functional Python exploit for CVE-2023-4220, targeting Chamilo LMS. The exploit automates the upload of a web shell to a vulnerable endpoint, enabling remote code execution.
This repository contains a functional Python exploit for CVE-2023-4220, targeting Chamilo LMS versions before 1.11.24. The exploit leverages an unauthenticated file upload vulnerability to achieve remote code execution via webshell or reverse shell payloads.
The repository contains functional exploit code for multiple CVEs, including CVE-2023-4220 (Chamilo LMS RCE) and CVE-2023-27163 (request-baskets SSRF). The exploits demonstrate unauthenticated file upload leading to RCE and SSRF via crafted API requests.
This repository contains a functional exploit for CVE-2023-4220, targeting LMS Chamilo 1.11.24. The exploit leverages an unrestricted file upload vulnerability to achieve remote code execution (RCE) by uploading a malicious PHP shell.
This repository contains functional exploit code for CVE-2023-4220, an unauthenticated file upload vulnerability in Chamilo LMS leading to remote code execution. The exploit includes both Python and Bash scripts to upload a malicious PHP file and execute arbitrary commands.
This repository contains a functional exploit PoC for CVE-2023-4220, targeting Chamilo LMS. The exploit leverages an arbitrary file upload vulnerability to achieve remote code execution (RCE) by uploading a malicious PHP file and triggering its execution.
This repository contains a detailed technical analysis of CVE-2021-44228 (Log4Shell), including vulnerability mechanics, proof-of-concept steps, and mitigation strategies. It provides in-depth explanations of the JNDI lookup feature and its exploitation.
The repository contains a functional Python script that exploits an unrestricted file upload vulnerability in Chamilo LMS (CVE-2023-4220). It allows unauthenticated attackers to upload a malicious PHP file to achieve remote code execution (RCE) via either direct command execution or a reverse shell.
This Metasploit module exploits an unrestricted file upload vulnerability in Chamilo LMS v1.11.24 via the bigUpload.php endpoint, allowing attackers to upload a PHP webshell by bypassing file extension checks using the 'post-unsupported' action parameter.
Nuclei Templates (1)
X-Powered-By: Chamilo
References (3)
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H