Open Solution QuickCart Index.PHP Local File Include Vulnerability
BID:24281
Info
Open Solution QuickCart Index.PHP Local File Include Vulnerability
| Bugtraq ID: | 24281 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 03 2006 12:00AM |
| Updated: | Jun 04 2007 06:00PM |
| Credit: | Kacper is credited with the discovery of this vulnerability. |
| Vulnerable: |
Open Solution Quick.Cart 2.2 Open Solution Quick.Cart 2.0 |
| Not Vulnerable: | |
Discussion
Open Solution QuickCart Index.PHP Local File Include Vulnerability
Quick.Cart is prone to a local file-include vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
Quick.Cart 2.2 and prior versions are vulnerable to this issue.
Quick.Cart is prone to a local file-include vulnerability because the application fails to sufficiently sanitize user-supplied input.
Exploiting this issue may allow an unauthorized user to view files and execute local scripts.
Quick.Cart 2.2 and prior versions are vulnerable to this issue.
Exploit / POC
Open Solution QuickCart Index.PHP Local File Include Vulnerability
Attackers can use a browser to exploit this issue.
The following exploit code is available:
Attackers can use a browser to exploit this issue.
The following exploit code is available:
Solution / Fix
Open Solution QuickCart Index.PHP Local File Include Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Open Solution QuickCart Index.PHP Local File Include Vulnerability
References:
References:
- Quick.Cart Homepage (Open Solution)