Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: e-commerce, shopping carts :: hack1860.htm

CommerceSQL Remote File Read Vulnerability



[CommerceSQL] Remote File Read Vulnerability



CommerceSQL shopping cart (http://commercesql.com) allows remote file reading. It only needs to specially prepared page variable in index.cgi to allow reading remote files (like /etc/passwd)



By using prepared GET page variable it allows user to read remote files



Example:

With index.cgi?page=../../../../../../../../etc/passwd puts out your /etc/passwd on the screen of pottential attacker.



Vulnerable:

* All CommerceSQL Shopping Cart Versions



Exploits:

* Not needed



Patch:

* Not yet available



-- 

Mariusz "Craig" Cieśla  

getNet network administrator / security consultant


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH