5 matches found
Abantecart v1.3.2 - Authenticated Remote Code Execution Vulnerability
Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2- Uploading .php files i...
Abantecart 1.3.2 Remote Code Execution
Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...
CVE-2022-26521
creationtimestamp| type| source ---|---|--- 2023-03-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/51058...
Abantecart v1.3.2 - Authenticated Remote Code Execution
Exploit Title: Abantecart v1.3.2 - Authenticated Remote Code Execution Exploit Author: Sarang Tumne @CyberInsane Twitter: @thecyberinsane Date: 3rd Mar'2022 CVE ID: CVE-2022-26521 Confirmed on release 1.3.2 Vendor: https://www.abantecart.com/download Step1- Login with Admin Credentials Step2-...
CVE-2022-26521
CVE-2022-26521 affects AbanteCart up to version 1.3.2. The issue allows remote authenticated administrators to execute arbitrary code by uploading an executable file because the Catalog → Media Manager → Images settings can be altered to treat PHP as a valid image file type. The root cause is the...