Vibecoding Your Way to Remote Code Execution
Earlier this week, a colleague introduced me to https://bolt.new — an AI-powered tool that generates fullstack web apps right in your browser.
At first glance, it’s very impressive. You describe what you want, and it scaffolds a project in seconds.
Coincidentally, later that day I saw a Reddit post claiming “soon developers will be out of a job” because of Bolt. Naturally, I had to test that 😅
So I asked Bolt to build a simple file upload site — something non-technical users could use to drop files onto a server, no FTP or SCP needed.
It delivered: clean UI, quick setup. But when I reviewed the code… well…
⚠️ Vulnerability 1: Stored XSS
The Node.js version let me upload .html files and served them straight back from the same app, with no file type filtering and no sanitization. Because the file is delivered as HTML from the site's own origin, any script inside it runs with the site's cookies and storage.
I uploaded:
<script>alert('XSS??')</script>
…and it ran the moment I opened it.
Why this matters:
The alert is just proof of concept. But malicious JavaScript running in a browser could:
Steal session cookies (anything not flagged HttpOnly) and impersonate users
Redirect to phishing or malware sites
Call the app's own API as the logged-in user and exfiltrate data from active sessions
🔥 Vulnerability 2: Reverse Shell (PHP edition)
I asked Bolt to create a PHP version — even though it’s JS-native.
This one had:
✅ No MIME type checks
✅ Original filename preserved
✅ Public /uploads directory
✅ move_uploaded_file() and vibes…
So I uploaded a shell.php and opened it in the browser. Because the web server hands .php files under the public /uploads directory to the PHP interpreter, requesting the file executed it server-side, and…
🎯 Got a shell in my terminal.
Why this matters:
A reverse shell gives remote command execution on the server with the privileges of the web server process: read, write or delete any file that user can reach, run commands, exfiltrate data, or, if the process runs with enough rights, wipe everything.
🧠 Takeaway
Be careful vibecoding out there. AI-generated code will keep getting better — but so will the risk of dodgy vulnerabilities like these.
🧰 GitHub Demo
You can find a redacted version of the test repo here: 👉 https://github.com/Lillevang/bolt-pwn