Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo Lms CVE-2023-4220

Name: Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo Lms CVE-2023-4220
Rating: 5 (182 reviews)

2024-07-09 | CVSS 8.1

## https://sploitus.com/exploit?id=8F56395C-1CD5-58CB-9B34-54898F3D0868
# CVE-2023-4220 Chamilio exploit PoC

~~Shamelessly Copied from~~ Directly inspired by: https://starlabs.sg/advisories/23/23-4220/

## Usage:

```

Chamilio CVE-2023-4220 POC Exploit

positional arguments:
  url         The Chamilio Url. e.g. http://example.com

options:
  -h, --help  show this help message and exit
  -c C        The command to execute. e.g. "id", default: id
  -f F        The filename to name the uploaded file. default: test.php
  -r          if set, will upload php revshell
  -i I        revshell attacker ip
  -p P        revshell attacker port

```