Share
## https://sploitus.com/exploit?id=64E91FD4-4B4C-5AE8-B088-D6757E9E7FD9
# CVE-2021-43258

ChurchInfo 1.2.13-1.3.0 Remote Code Execution Exploit

| Full title  |                                                                                                                                                                                                                       ChurchInfo 1.2.13-1.3.0 Remote Code Execution Exploit                                                                                                                                                                                                                        |
| ----------- | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: |
| Date add    |                                                                                                                                                                                                                                             21-11-2022                                                                                                                                                                                                                                             |
| Category    |                                                                                                                                                                                                                                          remote exploits                                                                                                                                                                                                                                           |
| Platform    |                                                                                                                                                                                                                                                php                                                                                                                                                                                                                                                 |
| Risk        |                                                                                                                                                                                                                                      [Security RiskCritical]                                                                                                                                                                                                                                       |
| Description | This Metasploit module exploits the logic in the CartView.php page when crafting a draft email with an attachment. By uploading an attachment for a draft email, the attachment will be placed in the /tmp_attach/ folder of the ChurchInfo web server, which is accessible over the web by any user. By uploading a PHP attachment and then browsing to the location of the uploaded PHP file on the web server, arbitrary code execution as the web daemon user (e.g. www-data) can be achieved. |
| CVE         |                                                                                                                                                                                                                                           CVE-2021-43258                                                                                                                                                                                                                                           |