This exploit demonstrates an arbitrary file upload vulnerability in Instagram Clone 1.0, allowing an attacker to upload a malicious PHP file via the add_profile.php endpoint. The uploaded file can then be accessed to execute arbitrary PHP code.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Instagram Clone 1.0
No auth needed
Prerequisites:Access to the target web application · Ability to send HTTP POST requests