Exploit Pacific Software Carello 1.2.1 - File Duplication / Source Disclosure

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19957
Проверка EDB
  1. Пройдено
Автор
CERBERUS SECURITY TEAM
Тип уязвимости
REMOTE
Платформа
WINDOWS
CVE
cve-2000-0396
Дата публикации
2000-05-24
Pacific Software Carello 1.2.1 - File Duplication / Source Disclosure
Код:
source: https://www.securityfocus.com/bid/1245/info

A remote user can gain read and write access on a target machine running Carello shopping cart software.

First, a user may create a duplicate of a known file in a known directory on the target host through add.exe in /scripts/Carello. Accessing http://target/scripts/Carello/add.exe?C:\directory\filename.ext will generate a duplicate file with a "1" appended to the filename (eg. filename.ext1). From here, the remote user would perform a http request of the newly created duplicate file and be able to view the contents of it.

This vulnerability depends on the anonymous internet account having write access to the relevant directories. 

http://target/scripts/Carello/add.exe?C:\directory\filename.ext
 
Источник
www.exploit-db.com

Похожие темы