This one was a fun little hack. Versions 220.127.116.11 and below, and 18.104.22.168 and below, of the X-Cart PHP ecommerce platform are affected by an unauthenticated vulnerability that lets a remote attacker control both the destination path and part of the contents of a file write on the server. The vulnerability was fixed in versions 22.214.171.124 and 126.96.36.199; read on for the details.
Update: Links to the vendor’s changelog for the updated versions:
- X-Cart Changelog v188.8.131.52: https://devs.x-cart.com/changelog/184.108.40.206_-_21_july_2020.html
- X-Cart Changelog v220.127.116.11: https://devs.x-cart.com/changelog/18.104.22.168_-_21_july_2020.html