The exploit demonstrates multiple vulnerabilities in ilosuna-phpsqlitecms-d9b8219, including CSRF, unrestricted file upload, privilege escalation, and XSS. It provides functional PoC code for adding arbitrary users, escalating privileges, deleting server files, and executing XSS attacks.
Classification
Working Poc 95%
Attack Type
Xss | Auth Bypass | Other
Target:
ilosuna-phpsqlitecms-d9b8219
No auth needed
Prerequisites:
Access to the target CMS · User interaction for CSRF/XSS