Share
## https://sploitus.com/exploit?id=07205B10-CC60-50B1-98AD-5F6D830FBBF0
# Proof of concept exploit for CVE-2023-4220

- *Affected product*: Chamilo <= 1.11.24

This CVE abuses an unathenticated file upload vulnerability in Chamilo 1.11.24 and lower.
An attacker has the ability to upload PHP files with no restrictions, leading to RCE.

## How to use

```bash
python3 exploit.py -u URL -c COMMAND
```

## Showcase

<img style="align: center" src="cve-2023-4220.gif"/>