Share
## https://sploitus.com/exploit?id=08227266-E5C4-59B6-817D-FEEAF4453216
CVE-2021-39433: Local File Inclusion (LFI) Vulnerability in BIQS IT Biqs-drive

This vulnerability is a type of Local File Inclusion (LFI) that affects versions of BIQS IT Biqs-drive v1.83. It can be exploited by sending a specific payload as a file parameter to download/index.php, allowing an attacker to read arbitrary files from the server with the permissions of the configured web-user.

Exploitation of CVE-2021-39433 by Buble x KristianMD

Reference: https://cve.circl.lu/cve/CVE-2021-39433

Screnshoot :

<img width="960" alt="{8A67A3D8-DEFF-49E0-9FA1-B5B59BB14147}" src="https://github.com/user-attachments/assets/55570e66-0da2-45aa-9633-e71221cf29ad">