[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : e-cart.biz Shopping Cart Arbitrary File Upload Vulnerability
# Published : 2009-04-17
# Author : ahmadbady
# Previous Title : ClanTiger <= 1.1.1 (slug) Blind SQL Injection Exploit
# Next Title : Online Guestbook Pro (display) Blind SQL Injection Vulnerability
=-=-Remote Arbitrary File Upload-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script::e-cart Shopping Carts
-------------------------------------------------
Author: ahmadbady
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.e-cart.biz/e-cart_Free.zip
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
upload:
/path/admin/editor/image.php --> upload shell.php
shell.php ---> /path/images/upload/shell.php
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=-=-=-
dork:
"Powered by e-cart.biz Shopping Carts & Storefronts"
"Powered by e-cart.biz Shopping Carts"
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
# www.Syue.com [2009-04-17]