This exploit demonstrates multiple vulnerabilities in NULL NUKE CMS v2.2, including SQL Injection, XSS, Arbitrary File Upload, RCE, Arbitrary File Deletion, Arbitrary File Access, Open Redirect, and CSRF. The PoC includes detailed HTTP requests and HTML forms to exploit these vulnerabilities.
Classification
Working Poc 100%
Attack Type
Rce | Sqli | Xss | Info Leak | Auth Bypass
Target:
NULL NUKE CMS v2.2 and 2.1 rc3
Auth required
Prerequisites:
Access to the admin interface · Valid credentials for authenticated vulnerabilities