This exploit demonstrates an arbitrary file upload vulnerability in Easy File Uploader, allowing an attacker to upload a malicious PHP file and achieve remote code execution. The PoC is straightforward, requiring only the upload of a shell file and accessing it via a predictable path.
Classification
Working Poc 90%
Target:
Easy File Uploader (version not specified)
No auth needed
Prerequisites:
Access to the file upload functionality · Ability to send HTTP requests to the target server