osCommerce 2.2 Arbitrary PHP Code Execution
osCommerce is a popular open source E-Commerce application. The admin console contains a file management utility that allows administrators to upload, download, and edit files. This could be abused to allow unauthenticated attackers to execute arbitrary code with the permissions of the webserver.
- egypt <egypt [at] metasploit.com>
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use exploit/unix/webapp/oscommerce_filemanager msf exploit(oscommerce_filemanager) > show targets ...targets... msf exploit(oscommerce_filemanager) > set TARGET <target-id> msf exploit(oscommerce_filemanager) > show options ...show and set options... msf exploit(oscommerce_filemanager) > exploit