
CommerceSQL Remote File Read Vulnerability

CommerceSQL shopping cart (http://commercesql.com) allows remote file reading. A specially prepared page variable passed to index.cgi is all that is needed to read files on the server (like /etc/passwd).

By passing a prepared page variable in a GET request, a user can read files from the server.

Example:

With index.cgi?page=../../../../../../../../etc/passwd the script prints your /etc/passwd on the screen of the potential attacker.
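The flaw described above is a path traversal in the page variable. As an added illustration (not code from the advisory or from CommerceSQL, whose source is not shown here), the following puts the unsafe join pattern beside a hardened resolver and a log-side check; the template root, the allowlist and all function names are assumptions.

```python
import posixpath
import re
from typing import Optional
from urllib.parse import parse_qs, unquote

# Constructed template root: the advisory does not show CommerceSQL's real layout.
TEMPLATE_ROOT = "/var/www/commerce/pages"

# Allowlist for legitimate page names: a plain file name, optional .htm/.html.
PAGE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}(\.html?)?")


def vulnerable_resolve(page: str, root: str = TEMPLATE_ROOT) -> str:
    """The pattern the advisory describes: the raw page value is joined onto the
    template root, so a run of '../' segments walks out of it to any readable file."""
    return posixpath.normpath(posixpath.join(root, page))


def safe_resolve(page: str, root: str = TEMPLATE_ROOT) -> Optional[str]:
    """Return the file to serve for a page request, or None to reject it.
    Two independent checks: an allowlist on the raw value, then a containment
    check on the normalised path, so a slip in one is still caught by the other."""
    if not PAGE_NAME.fullmatch(page):
        return None
    candidate = posixpath.normpath(posixpath.join(root, page))
    if posixpath.commonpath([root, candidate]) != root:
        return None
    return candidate


def is_traversal_attempt(query_string: str) -> bool:
    """Log-side check: does the page= value carry a parent-directory segment?
    parse_qs decodes one layer of %-encoding; unquote catches a second layer."""
    values = parse_qs(query_string, keep_blank_values=True).get("page", [])
    return any(".." in unquote(v) for v in values)


if __name__ == "__main__":
    # Constructed request values, including the one quoted in the advisory.
    for q in ("page=contact.html", "page=../../../../../../../../etc/passwd"):
        page = parse_qs(q)["page"][0]
        print(q, "->", vulnerable_resolve(page), "| hardened:", safe_resolve(page),
              "| flagged:", is_traversal_attempt(q))
```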

Vulnerable:

* All CommerceSQL Shopping Cart Versions

Exploits:

* Not needed

Patch:

* Not yet available

-- 
Mariusz "Craig" Cieśla
getNet network administrator / security consultant