osCommerce Online Merchant v2.2 RC1 local include bug
Normal
osCommerce Online Merchant v2.2 RC1
osCommerce is an Open Source based online shop e-commerce solution that is available for free under
the GNU General Public License
osCommerce has a local inclusion bug in the modules.php file:
Where test.php contains:
<?php
system("dir");
?>
Vendor was contacted but no response received till date.
Put:
if(preg_match("/\.\./i", $module_directory)){echo "HACKING attempt !";exit(0);}
$module_directory = preg_replace("/[\/]/i","(/)",$module_directory);
$module_directory = ereg_replace("[\*]","(\)",$module_directory);
Before:
include(DIR_FS_CATALOG_LANGUAGES . $language . '/modules/' . $module_type . '/' . $file);
include($module_directory . $file);
This vulnerability was discovered by matrix_killer
mail : matrix_k at abv.bg
Greets: EcLiPsE, Bl0od3r and Acid_BDS
С бензин в кръвта!
http://auto-motor-und-sport.bg/