PT-2014-83: Local File Inclusion in ShopOS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 1.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may result in sensitive...

PT-2014-87: Local File Inclusion in ShopOS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the index.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may result in sensiti...

PT-2014-93: Cross-Site Scripting in ShopOS

The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Reflected cross-site scripting in the 2.php page allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How to fix...

PT-2014-80: Cross-Site Scripting in ShopOS

The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Cross-site scripting in the currencies.php script allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How to fi...

PT-2014-85: Local File Inclusion in ShopOS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 3.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may result in sensitive...

PT-2014-81: Two Local File Inclusion Vulnerabilities in ShopOS

The specialists of the Positive Research center have detected two Local File Inclusion vulnerabilities in ShopOS. Insufficient validation of user input in the configuration.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may resul...

PT-2014-91: Cross-Site Scripting in ShopOS

The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Reflected cross-site scripting in the index.php page allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How to...

PT-2014-86: Local File Inclusion in ShopOS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 5.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may result in sensitive...

PT-2014-84: Local File Inclusion in ShopOS

The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 2.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may result in sensitive...

PT-2014-79: Cross-Site Scripting in ShopOS

The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Cross-site scripting in the market.php script allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How to fix No...

PT-2014-90: Cross-Site Scripting in ShopOS

The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Reflected cross-site scripting in the account.php page allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How ...

PT-2014-82: Multiple Local File Inclusion Vulnerabilities in ShopOS

The specialists of the Positive Research center have detected multiple Local File Inclusion vulnerabilities in ShopOS. Insufficient validation of user input in the \en\lang.php script allows remote attackers to include files located on the attacked server and thus execute a PHP code. It may resul...

PT-2014-89: Open Redirect in ShopOS

The specialists of the Positive Research center have detected an Open Redirect vulnerability in ShopOS. Open redirect in the redirector.php script allows remote attackers to control user redirection. This vulnerability can be exploited to conduct a series of attacks against users of the web...

PT-2014-92: Cross-Site Scripting in ShopOS

The specialists of the Positive Research center have detected a Cross-Site Scripting vulnerability in ShopOS. Reflected cross-site scripting in the func.php page allows remote attackers to inject arbitrary HTML tags including JavaScript scripts, etc. to a page processed by user's browser. How to...

PT-2014-88: SQL Injection in ShopOS

The specialists of the Positive Research center have detected SQL Injection vulnerability in ShopOS. SQL Injection in the manager.php script allows remote attackers to execute arbitrary SQL commands via a specially crafted request. How to fix No solution. Advisory status 26.12.2013 - Vendor gets...

ShopOS Mullti Vulnerability

Exploit for php platform in category web applications =========================== ShopOS Mullti Vulnerability =========================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //...