Bugtraq mailing list archives
[Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN
From: Advisory () Aria-Security Net, "[ NO REPLY ]"@securityfocus.com
Date: 5 Oct 2007 22:05:29 -0000
Aria-Security Team ---------------------- Viart Shopping Cart Directory Transversal Vuln Vendor: http://www.viart.com/ POC: function createCertFingerprint($filename) { $fp = fopen($filename, "r"); http://target/path/payments/ideal_process.php Credits Goes To Aria-Security Team Thanks To Aura Regards, The-0utl4w http://Aria-Security.Net [Aria-Security's Website]
Current thread:
- [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN [ NO REPLY ] (Oct 04)
- <Possible follow-ups>
- [Aria-Security] Stuffed Tracker Multiple Cross-Site Scripting VULN [ NO REPLY ] (Oct 06)