This exploit demonstrates an arbitrary file upload vulnerability in articleFR CMS 3.0.5, allowing an attacker to upload a malicious PHP file via the videouploader.php endpoint. The vulnerability arises due to insufficient file type validation, enabling remote code execution.
Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:articleFR CMS 3.0.5
Auth required
Prerequisites:Access to the dashboard/videouploader.php endpoint · Valid session cookies