Maarch LetterBox 2.8 Unrestricted File Upload

This Metasploit module exploits a file upload vulnerability on Maarch LetterBox 2.8 due to a lack of session and file validation in the file_to_index.php script. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web server.

Leave a Reply