CVE-2023-50564

This repository contains a functional Python-based exploit for CVE-2023-50564, which leverages an unauthorized file upload vulnerability in Pluck CMS v4.7.18 to achieve remote command execution via a malicious ZIP file containing a PHP shell.

This repository contains a functional exploit for CVE-2023-50564, an arbitrary file upload vulnerability in Pluck-CMS v4.7.18. The exploit authenticates, uploads a malicious ZIP file containing a PHP reverse shell, and triggers execution by accessing the uploaded file.

This repository contains a functional exploit for CVE-2023-50564, an RCE vulnerability in Pluck CMS v4.7.18. The exploit leverages an arbitrary file upload vulnerability in `/inc/modules_install.php` to upload a malicious ZIP file containing a PHP web shell, enabling remote command execution.

This repository contains a functional Python exploit for CVE-2023-50564, an authenticated arbitrary file upload vulnerability in Pluck CMS v4.7.18. The exploit uploads a PHP reverse shell via the `/admin.php?action=installmodule` endpoint, enabling remote code execution.

This repository contains a functional exploit for CVE-2023-50564, targeting Pluck CMS v4.7.18. The exploit allows an authenticated admin to upload a malicious ZIP module containing a PHP shell, resulting in remote code execution (RCE).

This repository contains a functional exploit for CVE-2023-50564, a Remote Code Execution (RCE) vulnerability in Pluck CMS v4.7.18. The exploit automates the process of authenticating to the admin panel, uploading a malicious ZIP file containing a reverse shell, and executing it to gain remote access.

This repository contains a functional Python script that exploits CVE-2023-50564 to upload a reverse PHP shell to a vulnerable PluckCMS server. The exploit authenticates using provided credentials and leverages a file upload vulnerability in the admin panel.

This repository contains a functional Go-based exploit for CVE-2023-50564, which targets a vulnerability in Pluck CMS. The exploit authenticates, uploads a malicious ZIP file containing a reverse shell PHP payload, and triggers its execution via module installation.