Advertisement






Simple sales - Inventory System & POS v1.1 WebShell Upload

CVE Category Price Severity
CWE-434 $500 High
Author Risk Exploitation Type Date
Unknown Critical Remote 2019-06-19
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2019060131

Below is a copy:

Simple sales - Inventory System & POS v1.1 WebShell Upload
/*!
* ::- Title: Simple sales - Inventory System & POS v1.1 WebShell Upload
* ::- Author: m0ze
* ::- Date: 2019/04/13
* ::- Software: Simple sales - Inventory System & POS v1.1
*/
  
::- Details & Description -::
~ WebShell upload capability was discovered in the Simple sales - Inventory System & POS. Current version of this web-application is 1.1.

::- Demo Website -::
~ https://codecanyon.net/item/simple-sales-inventory-system-pos/22533347
~ Backend: http://simplesales.itech-theme.com/login
~ Login / Password: [email protected] / 12345

::- Special Note -::
~ Declared option of this item with price $40 is: More secure platform. Clear on it all, I think.

::- Google Dork -::
~ -

::- PoC Links -::
~ http://simplesales.itech-theme.com/upload/1520778291.php
~ http://simplesales.itech-theme.com/upload/1520767280.php
~ http://simplesales.itech-theme.com/upload/1521738915.php

::- PoC [WebShell Upload] -::
~ Go to the demo website http://simplesales.itech-theme.com/login and log in with provided credentials ([email protected] / 12345). Select any page with file upload form: Product, Category, Brands or Users, create a new item or edit any existed. You'll see the upload form w/o proper filtering, so it's possible to upload WebShell as .php, .php5 or .php7. Eg.: http://simplesales.itech-theme.com/product/edit/28, inspect uploaded file on the Product Image field.

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.