This is a writeup describing an arbitrary shell upload vulnerability in Penny Auction Script. It outlines steps to exploit the vulnerability by registering, logging in, and uploading a shell via profile settings.
Classification
Writeup 80%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target:Penny Auction Script (version not specified)
Auth required
Prerequisites:Access to the target application · Valid user credentials