e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability

2009-04-17T00:00:00
ID 1337DAY-ID-5060
Type zdt
Reporter ahmadbady
Modified 2009-04-17T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ============================================================
e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability
============================================================


                =-=-Remote Arbitrary File Upload-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script::e-cart Shopping Carts
-------------------------------------------------
Author: ahmadbady

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.e-cart.biz/e-cart_Free.zip

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
upload:
/path/admin/editor/image.php --> upload shell.php

shell.php ---> /path/images/upload/shell.php

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=-=-=-

dork:
"Powered by e-cart.biz Shopping Carts & Storefronts"
"Powered by e-cart.biz Shopping Carts"

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=



#  0day.today [2018-02-09]  #