Share
## https://sploitus.com/exploit?id=5091E9A0-59E2-57D6-9F2E-26DEA09CE823
# tudo-exploits-oswe-prep
A project contains all exploits of vulnerable project Tudo, which build for OSWE preparation.
Source project: https://github.com/bmdyy/tudo

Introduction:
    - tudo-arbitrary-user-password-reset.php => Low-Privilege Login Bypass (Medium Risk)
    - tudo-forgotusername-sqli.py            => Unauthenticated SQL Injection leads to RCE or Login Bypass (High Risk)
    - tudo-importuser-unauth-rce.py          => Unauthenticated Object Unserialize leads to RCE (High Risk)
    - tudo-unauth-arbitrary-file-write.py    => Unauthenticated File Upload leads to RCE (High Risk)
    - tudo-updatemotd-ssti.py                => Admin Authenticated SSTI leads to RCE (High Risk)