## https://sploitus.com/exploit?id=PACKETSTORM:190562
# Exploit Title: compop.ca 3.5.3 - Arbitrary code Execution
    # Google Dork: Terms of Use inurl:compop.vip
    # Date: 22/12/2024
    # Exploit Author: dmlino
    # Vendor Homepage: https://www.compop.ca/
    # Version: 3.5.3
    # CVE : CVE-2024-48445
    
    
    The restaurant management system implements authentication using a Unix
    timestamp parameter ("ts") in the URL. This implementation is vulnerable to
    manipulation as it relies solely on time-based validation without proper
    authentication mechanisms.
    
    Technical Details:
    The application uses a URL parameter "ts" which accepts a Unix timestamp
    value.
    
    Steps:
    1. Find a vulnerable restaurant.
    
    2. Get the current time in Unix format:
        Linux: date +%s
        Windows PowerShell: [int](Get-Date -UFormat %s -Millisecond 0)
    
    3. Replace the parameter in the URL with the new value.
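
For defenders, the weakness described above comes down to treating a value any client can compute as a credential. The following Python is an added example, not part of the original advisory and not the vendor's code: it contrasts a timestamp-only check (assumed logic, modelled on the description above) with a server-signed, expiring token bound to an authenticated user. `SECRET_KEY`, `MAX_AGE_SECONDS`, the token layout and all function names are assumptions for illustration.

```python
import hashlib
import hmac
from typing import Optional

# Constructed values for this example; a real service loads the key from a secret store.
SECRET_KEY = b"example-only-server-secret"
MAX_AGE_SECONDS = 300


def weak_check(ts: str, now: int) -> bool:
    """Timestamp-only validation (assumed logic): passes for anyone who knows the time."""
    try:
        return abs(now - int(ts)) <= MAX_AGE_SECONDS
    except ValueError:
        return False


def _sign(user_id: str, ts: str) -> str:
    msg = f"{user_id}|{ts}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(user_id: str, now: int) -> str:
    """Issued only after real authentication; binds user and time under a server-held key."""
    if "|" in user_id:
        raise ValueError("user_id must not contain the field separator")
    return f"{user_id}|{now}|{_sign(user_id, str(now))}"


def verify_token(token: str, now: int) -> Optional[str]:
    """Return the user id if the token is authentic and fresh, otherwise None."""
    parts = token.split("|")
    if len(parts) != 3:
        return None
    user_id, ts, sig = parts
    # Check the MAC first, in constant time, so unauthenticated fields are never trusted.
    if not hmac.compare_digest(sig.encode(), _sign(user_id, ts).encode()):
        return None
    # Only a server-signed timestamp reaches this point; enforce the freshness window.
    if not (ts.isascii() and ts.isdigit()):
        return None
    if not 0 <= now - int(ts) <= MAX_AGE_SECONDS:
        return None
    return user_id
```

The timestamp still limits token lifetime, but access now depends on a MAC that only the server can produce.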