## https://sploitus.com/exploit?id=6792E125-7CA6-5A47-8952-EEE38814DBEB
# Chamilo LMS Unauthenticated Remote Code Execution Exploit (CVE-2023-4220)
## Overview
This repository contains a Bash script that exploits an unauthenticated remote code execution (RCE) vulnerability in Chamilo LMS via arbitrary file write. The vulnerability is identified as CVE-2023-4220. This exploit allows an attacker to execute arbitrary commands on the target server by uploading a malicious PHP file.
## Prerequisites
- A vulnerable Chamilo LMS instance.
- A listener to catch the reverse shell (e.g., using Netcat).
## Exploit Details
- **Vulnerability**: CVE-2023-4220
- **Source**: [StarLabs Advisory](https://starlabs.sg/advisories/23/23-4220/)
## Usage
1. **Clone the repository**:
```bash
git clone https://github.com/N1ghtfallXxX/CVE-2023-4220
cd CVE-2023-3533
chmod +x exploit.sh
./exploit.sh
# Disclaimer
This script is intended for educational purposes only. Unauthorized use of this script on systems without permission is illegal and unethical. Use responsibly and only on systems for which you have explicit permission.