Freeway 1.4.1.171 - '/templates/Freeway/boxes/card1.php?language' Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/30731/info Freeway is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view local files in the context of the...

[DSECRG-08-036] Multiple Security Vulnerabilities in Freeway eCommerce 1.4.1.171

Digital Security Research Group DSecRG Advisory DSECRG-08-036 Application: Freeway eCommerce Versions Affected: 1.4.1.171 Vendor URL: http://www.openfreeway.org/ Bugs: RFI, Multiple LFI, XSS Exploits: YES Reported: 27.06.2008 Second report: 04.07.2008 Vendor response: 06.07.2008 Solution: YES Dat...