CVE-2024-1651

This repository contains a functional exploit for CVE-2024-1651, leveraging insecure object deserialization in a PHP-based forum software to achieve remote code execution (RCE). The exploit authenticates, crafts a malicious serialized payload using GuzzleHttp components, and uploads a PHP shell for command execution.

This repository contains a functional exploit for CVE-2024-1651, targeting Torrentpier v2.4.1. The exploit leverages unsafe deserialization to achieve remote code execution (RCE) by crafting a malicious serialized object and uploading a PHP shell.

This repository contains a functional exploit for CVE-2024-1651, leveraging PHP deserialization in a web application to achieve remote code execution (RCE). The exploit logs in with hardcoded credentials, crafts a malicious serialized payload, and uploads a PHP shell to a vulnerable endpoint.

This repository contains a functional exploit for CVE-2024-1651, leveraging insecure object deserialization in a PHP-based forum software to achieve remote code execution (RCE). The exploit authenticates, crafts a malicious serialized payload, and uploads a shell to execute arbitrary commands.