BugTraq
OpenCart 1.5.6.4 Directory Traversal Vulnerability May 29 2014 01:40PM
iedb team gmail com (1 replies)
Re: OpenCart 1.5.6.4 Directory Traversal Vulnerability Jun 01 2014 07:40AM
Henri Salo (henri nerv fi)
On Thu, May 29, 2014 at 01:40:54PM +0000, iedb.team (at) gmail (dot) com [email concealed] wrote:
> http://iedb.ir/up/imagef-140139785162051-jpg.html
> # Archive Exploit = http://www.iedb.ir/exploits-1731.html

I was unable to reproduce this issue in OpenCart version 1.5.6.4. From the
picture this seems to be path disclosure issue or could you provide working
proof-of-concept to exploit directory traversal issue? Did you report this to
vendor? Does this have CVE? Did you use any plugins or themes (like Shoppica) or
did you have OpenCart as module/extension in some other software?

Sadly at the moment this looks like yet another fake/false from iedb.

---
Henri Salo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlOK2PkACgkQXf6hBi6kbk/EOwCdELtVKkHnJtNI3zl89YD1eSV5
BrAAn26FAwKO0pmzR43W0FIbM16HtmlG
=kXCG
-----END PGP SIGNATURE-----

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus