Computer Security

Security Advisory: Viart Shopping Cart Directory Transversal Vuln
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  TikiWiki php injection

  Vulnerabilities

  LedgerSMB < 1.2.8, SQL-Ledger 2.x Multiple SQL Injection Issues

  DNewsWeb Softwares Cross Site Scripting Vulrnability

From:Advisory_(at)_Aria-Security.net <Advisory_(at)_Aria-Security.net>
Date:10.10.2007
Subject:Viart Shopping Cart Directory Transversal Vuln

Aria-Security Team

----------------------

Viart Shopping Cart Directory Transversal Vuln

Vendor:

http://www.viart.com/

POC:

function createCertFingerprint($filename) {

$fp = fopen($filename, "r");

http://target/path/payments/ideal_process.php

Credits Goes To Aria-Security Team

Thanks To Aura

Regards,

The-0utl4w

http://Aria-Security.Net [Aria-Security's Website]
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 


Rating@Mail.ru