# Chamilo-LMS-CVE-2023-4220-Exploit
This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell. Then it will allows arbitrary files to be uploaded to /main/inc/lib/javascript/bigupload/files directory.

# Vulnerability POC
-You Can at first run the exploit to know how to use it like that:
chmod +x
-Then you need to enter the requeierd inputs like that: 
~$ ./ -f reverse_file -h host_link -p port_in_the_reverse_file
-Here we can found the uploaded file in the server