This exploit demonstrates an arbitrary file upload vulnerability in HaPe PKH 1.1, allowing attackers to upload malicious PHP files by bypassing image upload restrictions. The PoC includes three distinct upload paths targeting different modules.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:HaPe PKH 1.1
Auth required
Prerequisites:Access to the admin panel · Valid session credentials