Computer Security

Security Advisory: [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  TorrentTrader Classic Mutiple Remote vulnerabilities

  new vuln in snewscms.net.ru in lang file

  Else If cms Multiple Remote vulnerabilities

  idmos-phoenix cms Remote File inclusion

From:Advisory_(at)_Aria-Security.net <Advisory_(at)_Aria-Security.net>
Date:08.10.2007
Subject:[Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN

Aria-Security Team
----------------------
Viart Shopping Cart Directory Transversal Vuln

Vendor:
http://www.viart.com/



POC:

   function createCertFingerprint($filename) {
       $fp = fopen($filename, "r");

http://target/path/payments/ideal_process.php


Credits Goes To Aria-Security Team
Thanks To Aura
Regards,
The-0utl4w

http://Aria-Security.Net [Aria-Security's Website]
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server