Share
## https://sploitus.com/exploit?id=5091E9A0-59E2-57D6-9F2E-26DEA09CE823
# tudo-exploits-oswe-prep
A project contains all exploits of vulnerable project Tudo, which build for OSWE preparation.
Source project: https://github.com/bmdyy/tudo
Introduction:
- tudo-arbitrary-user-password-reset.php => Low-Privilege Login Bypass (Medium Risk)
- tudo-forgotusername-sqli.py => Unauthenticated SQL Injection leads to RCE or Login Bypass (High Risk)
- tudo-importuser-unauth-rce.py => Unauthenticated Object Unserialize leads to RCE (High Risk)
- tudo-unauth-arbitrary-file-write.py => Unauthenticated File Upload leads to RCE (High Risk)
- tudo-updatemotd-ssti.py => Admin Authenticated SSTI leads to RCE (High Risk)