CVE-2024-29410

This exploit demonstrates a file upload vulnerability in Petrol Pump Management Software v1.0, allowing arbitrary PHP code execution by uploading a malicious file via the 'Image' field in the admin panel. The PoC includes steps to upload a PHP file containing phpinfo() and confirms execution via a predictable path.

The repository provides a detailed technical writeup for CVE-2024-29410, describing a file upload vulnerability in Petrol Pump Management Software v1.0 that leads to remote code execution. It includes step-by-step attack vectors and a proof-of-concept payload.