Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Date: 23 Nov 2003 18:47:39 -0000
From: Mariusz Ciesla <craig@tenbit.pl>
To: bugtraq@securityfocus.com
Subject: [CommerceSQL] Remote File Read Vulnerability



CommerceSQL shopping cart (http://commercesql.com) allows remote file reading. It only needs to specially prepared page variable in index.cgi to allow reading remote files (like /etc/passwd)

By using prepared GET page variable it allows user to read remote files

Example:
With index.cgi?page=../../../../../../../../etc/passwd puts out your /etc/passwd on the screen of pottential attacker.

Vulnerable:
* All CommerceSQL Shopping Cart Versions

Exploits:
* Not needed

Patch:
* Not yet available

-- 
Mariusz "Craig" Cie&#347;la <craig@tenbit.pl>
getNet network administrator / security consultant

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Партнёры:

Хостинг: