This exploit demonstrates an arbitrary file deletion vulnerability in MobileCartly 1.0 due to improper input validation in the 'deletepage' parameter. The vulnerability allows an attacker to delete arbitrary files on the server by manipulating the path.
Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:MobileCartly 1.0
No auth needed
Prerequisites:Access to the vulnerable endpoint '/includes/deletepage.php'