3 matches found
Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork
Exploit Title: Artworks Gallery 1.0 - Arbitrary File Upload RCE Authenticated Date: November 17th, 2020 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: Source Code & Projects https://code-projects.org Software Link:...
CVE-2020-28688
The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files...
CVE-2020-28688
CVE-2020-28688 affects ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0. The vulnerability is in the add artwork functionality, which allows remote attackers to upload arbitrary files, potentially enabling remote code execution. The Exploit-DB PoC demonstrates an authenticated workflow to ...