Bypassing file upload filter by source code review in Bolt CMS
I discovered multiple vulnerabilities in an open-source PHP application, Bolt CMS. Chaining them led to a single-click RCE. If you want to read about all of the vulnerabilities I found in detail, you can find the full advisory here and the exploit here. This article only focuses on the file upload bypass…