CVE-2023-45878

This repository contains a functional exploit for CVE-2023-45878, an arbitrary file write vulnerability in GibbonEdu. The exploit uploads a PHP web shell via the `rubrics_visualise_saveAjax.php` endpoint and allows remote command execution or a PowerShell reverse shell.

This exploit demonstrates an arbitrary file write vulnerability in GibbonEdu Gibbon version 25.0.1, allowing an attacker to upload a malicious PHP file and achieve remote code execution. The exploit sends a crafted POST request to the vulnerable endpoint, writes a PHP webshell, and then executes a command via a GET request.

This repository contains a functional Python exploit for CVE-2023-45878, targeting a file upload vulnerability in Gibbon CMS. The exploit uploads a malicious PHP shell via a vulnerable endpoint and provides an interactive shell for remote command execution.

This repository contains a functional exploit script that chains CVE-2023-45878 (arbitrary file write in Gibbon LMS) to achieve remote code execution by uploading a webshell and executing a reverse shell payload.

This repository contains a functional Python exploit for CVE-2023-45878, targeting Gibbon LMS. It uploads a PHP webshell via a file upload vulnerability and supports both single command execution and reverse shell functionality.

This repository contains a functional exploit for CVE-2023-45878, an arbitrary file write vulnerability in Gibbon LMS versions 25.0.1 and earlier. The exploit leverages unauthenticated access to the `rubrics_visualise_saveAjax.php` endpoint to upload a PHP webshell, enabling remote code execution.

This repository contains a functional Go-based exploit for CVE-2023-45878, targeting GibbonEdu Gibbon versions 25.0.1 and earlier. The exploit leverages an arbitrary file write vulnerability to upload a malicious PHP shell, then executes a PowerShell reverse shell payload via HTTP.

This repository contains a functional exploit for CVE-2023-45878, targeting an arbitrary file write vulnerability in Gibbon LMS 25.0.1. The exploit uploads a PHP web shell and triggers a PowerShell reverse shell to achieve remote code execution.

This repository contains a functional exploit script for CVE-2023-45878, which chains an arbitrary file write vulnerability in Gibbon LMS to achieve remote code execution (RCE) on Windows targets. The script automates the generation of a reverse shell payload, uploads a webshell, and executes the payload on the target system.