Share
## https://sploitus.com/exploit?id=BFE0BD39-E215-521C-8868-77CEC436B31D
### Exploit for: GravCMS 1.10.7 - Arbitrary YAML Write/Update (Unauthenticated)

##### Usage:
```sh
python3 exploit.py --url http://192.168.204.12/grav-admin 
```
Expected behaviour
![](foothold.png)

Do not use this exploit on systems you are not authorized! 

Happy hacking.