This exploit demonstrates an arbitrary file upload vulnerability in ProQuiz V2, allowing an attacker to upload a PHP shell by bypassing file extension restrictions. The PoC sends a crafted multipart/form-data request to upload a malicious PHP file disguised as an image.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:ProQuiz V2
No auth needed
Prerequisites:Network access to the target web application · ProQuiz V2 installed and accessible