[Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN

2007-10-08T00:00:00
ID SECURITYVULNS:DOC:18149
Type securityvulns
Reporter Securityvulns
Modified 2007-10-08T00:00:00

Description

Aria-Security Team

Viart Shopping Cart Directory Transversal Vuln

Vendor: http://www.viart.com/

POC:

function createCertFingerprint($filename) {
    $fp = fopen($filename, "r");

http://target/path/payments/ideal_process.php

Credits Goes To Aria-Security Team Thanks To Aura Regards, The-0utl4w

http://Aria-Security.Net [Aria-Security's Website]