This exploit demonstrates an arbitrary file upload vulnerability in GetSimple CMS <= 3.3.10 by bypassing file extension checks using a percent sign (%). It allows an attacker to upload a malicious PHP file and execute system commands.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:GetSimple CMS <= 3.3.10
Auth required
Prerequisites:Admin access to the GetSimple CMS · Ability to upload files