This exploit demonstrates an arbitrary file upload vulnerability in Goople CMS 1.7, allowing authenticated users to upload a PHP shell via /win/content/upload.php and execute it at /user/doc/shell.php.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Goople CMS 1.7
Auth required
Prerequisites:Authenticated user access · File upload functionality enabled