geocarts-xssrfi.txt

2008-03-27T00:00:00
ID PACKETSTORM:64945
Type packetstorm
Reporter Ivan Sanchez
Modified 2008-03-27T00:00:00

Description

                                        
+==========================================================================================+  
+ Powered By GeeCarts <= ALL VERSIONS XSS & RFI Multiple Remote Vulnerabilities +  
+==========================================================================================+  
  
  
Author(s): Ivan Sanchez   
  
Product: Powered By GeeCarts Copyright ©  
  
Web: http://www.geecarts.com/  
  
Versions: all versions  
  
Date: 26/03/2008  
  
  
  
GOOGLE SEARCH:  
--------------  
Powered By GeeCarts   
  
  
Exploit:  
--------  
  
For example, some of the vulnerable functions:  
  
1-show.php?  
2-search.php?  
3-view.php?  
  
Other functions also do not sanitize their input.  
  
  
http://www.[DOMAIN].tld/show.php?id=[XSS or RFI]  
http://www.[DOMAIN].tld/search.php?id=[XSS or RFI]  
http://www.[DOMAIN].tld/view.php?id=[XSS or RFI]  
http://www.[DOMAIN].tld/morefuncionts?id=[XSS or RFI]  
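
Added example (not part of the original advisory and not GeeCarts code): a log check that flags requests to the three scripts named above whose id parameter carries a URL or markup. The log lines are constructed, and the rule that a legitimate id is a short alphanumeric token is an assumption; the advisory does not document the parameter's expected format.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

SCRIPTS = {"show.php", "search.php", "view.php"}   # scripts named in the advisory
PARAM = "id"                                        # parameter named in the advisory
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
SAFE_ID = re.compile(r"^[A-Za-z0-9_-]{1,32}$")      # assumption: expected id shape
REMOTE_REF = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]*:|//)", re.I)  # URI scheme or //host
MARKUP = re.compile(r"[<>\"']")

# Constructed sample entries in combined log format (documentation addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [27/Mar/2008:10:00:01 +0000] "GET /show.php?id=42 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [27/Mar/2008:10:00:05 +0000] "GET /view.php?id=http%3A%2F%2Fexample.invalid%2Fx.txt HTTP/1.1" 200 311',
    '192.0.2.12 - - [27/Mar/2008:10:00:09 +0000] "GET /search.php?id=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 2048',
    '192.0.2.13 - - [27/Mar/2008:10:00:12 +0000] "GET /index.php?id=%3Cb%3E HTTP/1.1" 200 900',
    '192.0.2.14 - - [27/Mar/2008:10:00:15 +0000] "GET /shop/show.php?id=%253Cb%253E HTTP/1.1" 200 900',
]

def fully_decode(value, rounds=3):
    """Undo nested percent-encoding so double-encoded input is still inspected."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(value):
    """Return None for an expected id, otherwise a label for the anomaly."""
    value = fully_decode(value)
    if SAFE_ID.match(value):
        return None
    if REMOTE_REF.match(value):
        return "rfi-like"
    if MARKUP.search(value):
        return "xss-like"
    return "unexpected"

def scan(lines):
    """Return (line number, script, label) for each suspicious id value."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        script = url.path.rsplit("/", 1)[-1].lower()
        if script in SCRIPTS:
            for value in parse_qs(url.query, keep_blank_values=True).get(PARAM, []):
                label = classify(value)
                if label:
                    findings.append((n, script, label))
    return findings
```

Only the query string is inspected, so values sent in a POST body are not seen by this check.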
  
  
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!  
  