CS-Cart 1.3.3 - authenticated RCE
| EKU-ID: 52933 | CVE: | OSVDB-ID: |
| Author: 0xmmnbassel | Published: 2020-10-16 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 52933 | CVE: | OSVDB-ID: |
| Author: 0xmmnbassel | Published: 2020-10-16 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
# Exploit Title: CS-Cart authenticated RCE # Date: 2020-09-22 # Exploit Author: 0xmmnbassel # Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html # Tested at: ver. 1.3.3 # Vulnerability Type: authenticated RCE get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell edit IP && PORT Upload to file manager change the extension from .php to .phtml visit http://[victim]/skins/shell.phtml --> Profit. ...!