This exploit demonstrates a remote file upload vulnerability in OsCSS 1.2, allowing an attacker to upload a malicious file via a crafted HTML form targeting the admin/categories.php endpoint. The exploit bypasses authentication and directly uploads a shell, enabling remote code execution.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:OsCSS 1.2
No auth needed
Prerequisites:Access to the target web application · Network connectivity to the admin interface