AVMS-exploit
CVE-2021-38833 - SQL injection to RCE exploit in Apartment Visitors Management System (AVMS) v10 phpgurukulcom/apartment-visitors-management-system-using-php-and-mysql/ How it works The exploit uses an union-based SQL injection and into_outfile functionality to first upload PHP webshell on the server and then execute reverse shell payload (base64-encoded) on the targ