Qualiteam X-Cart Remote Command Execution Vulnerability

info
discussion
exploit
solution
references

Qualiteam X-Cart Remote Command Execution Vulnerability

X-Cart has been reported to be prone to an issue that may allow remote attackers to execute arbitrary commands on the affected system. The issue is caused by a failure of the application to sanitize values specified by parameters in the URI.