Share
## https://sploitus.com/exploit?id=697F6EEC-214A-512D-A675-DCF69613806B
# CVE-2021-4462 Test Environment

Docker-based test environment for **CVE-2021-4462** (Employee Records System 1.0 - Unrestricted File Upload) using the **real application source code**.

## Quick Start

### Prerequisites
- Docker and Docker Compose
- Nuclei scanner
- Source code from SourceCodester (see below)

### Step 1: Download Source Code

1. Visit: https://www.sourcecodester.com/php/11393/employee-records-system.html
2. Download and extract the ZIP file
3. Copy contents to: `real-application/employee_records_system/`

> **Note**: Source code is NOT included (excluded via `.gitignore`). You must download it separately.

### Step 2: Setup

```bash
cd test-environments/CVE-2021-4462
chmod +x setup-real-app.sh
./setup-real-app.sh
```

### Step 3: Start Environment

```bash
docker compose -f docker-compose.real.yml up -d --build
```

Wait 30-60 seconds for MySQL to initialize.

### Step 4: Access & Test

- **URL**: http://localhost:8080
- **Login**: `admins` / `admin1234`

**Test with Nuclei**:
```bash
nuclei -t http/cves/2021/CVE-2021-4462.yaml -target http://localhost:8080 -debug
```

## Configuration

- **Database**: `sharp_db` (MySQL)
- **Vulnerable File**: `/dashboard/uploadID.php`
- **Form Field**: `employee_ID`
- **Upload Path**: `/uploads/employees_ids/`

## Troubleshooting

### Invalid Password
```bash
docker exec cve-2021-4462-mysql mysql -uroot -prootpassword sharp_db \
  -e "UPDATE users SET password = MD5('admin1234') WHERE username = 'admins';"
```

### Check Logs
```bash
docker logs cve-2021-4462-mysql    # Database logs
docker logs cve-2021-4462-real     # Application logs
```

### Stop Environment
```bash
docker compose -f docker-compose.real.yml down
```

## Files Structure

```
CVE-2021-4462/
โ”œโ”€โ”€ README.md                    # This file
โ”œโ”€โ”€ setup-real-app.sh            # Setup script
โ”œโ”€โ”€ Dockerfile.real              # Docker configuration
โ”œโ”€โ”€ docker-compose.real.yml       # Docker Compose with MySQL
โ”œโ”€โ”€ init-db.sh                   # Database initialization
โ”œโ”€โ”€ real-application/            # Source code (download required)
โ””โ”€โ”€ uploads/                     # Upload directory
```

## References

- [CVE-2021-4462](https://nvd.nist.gov/vuln/detail/CVE-2021-4462)
- [Exploit-DB 49596](https://www.exploit-db.com/exploits/49596)
- [SourceCodester](https://www.sourcecodester.com/php/11393/employee-records-system.html)

---

**Status**: โœ… Tested and Verified