GeeCarts suffers from cross-site scripting and remote file inclusion vulnerabilities.
+==========================================================================================+
+ Powered By GeeCarts <= ALL VERSIONS XSS & RFI Multiple Remote Vulnerabilities +
+==========================================================================================+
Author(s): Ivan Sanchez
Product: Powered By GeeCarts Copyright ©
Web: http://www.geecarts.com/
Versions: all versions
Date: 26/03/2008
GOOGLE SEARCH:
--------------
Powered By GeeCarts
Exploit:
--------
For example, some of the vulnerable scripts:
1. show.php?
2. search.php?
3. view.php?
Other functions also do not sanitize their input:
http://www.[DOMAIN].tld/show.php?id=[XSS or RFI]
http://www.[DOMAIN].tld/search.php?id=[XSS or RFI]
http://www.[DOMAIN].tld/view.php?id=[XSS or RFI]
http://www.[DOMAIN].tld/morefuncionts?id=[XSS or RFI]
NULL CODE SERVICES [ www.nullcode.com.ar ] Hunting Security Bugs!
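Added example (not part of the original advisory and not GeeCarts code): a log check a site operator could run to find requests where the id parameter of the scripts listed above carries something other than a plain number. The assumption that a legitimate id is a short decimal number, the log format, and all sample log lines are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Scripts and parameter named in the advisory.
SCRIPTS = {"show.php", "search.php", "view.php"}
PARAM = "id"
# Assumption (not stated in the advisory): a legitimate id is a short decimal number.
VALID_ID = re.compile(r"^\d{1,10}$")
# A URL scheme, PHP stream wrapper or UNC prefix points at an include attempt.
RFI_HINT = re.compile(r"^\s*(?:(?:https?|ftps?|php|data|file):|//|\\\\)", re.I)
# Markup characters or script syntax point at script injection.
XSS_HINT = re.compile(r"[<>\"']|javascript:|\bon\w+\s*=", re.I)
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')  # CLF request line

SAMPLE_LOG = [  # constructed lines: documentation addresses, placeholder host
    '192.0.2.10 - - [26/Mar/2008:10:00:01 +0000] "GET /show.php?id=42 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [26/Mar/2008:10:00:05 +0000] "GET /view.php?id=http://example.invalid/a.txt HTTP/1.1" 200 312',
    '192.0.2.12 - - [26/Mar/2008:10:00:09 +0000] "GET /search.php?id=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 2048',
    '192.0.2.13 - - [26/Mar/2008:10:00:12 +0000] "GET /index.php?id=http://example.invalid/a.txt HTTP/1.1" 200 900',
    '192.0.2.14 - - [26/Mar/2008:10:00:15 +0000] "GET /show.php?id=12abc HTTP/1.1" 200 900',
]

def classify(value):
    # None means the decoded value is a well-formed id; otherwise label the anomaly.
    if VALID_ID.match(value):
        return None
    if RFI_HINT.match(value):
        return "rfi"
    if XSS_HINT.search(value):
        return "xss"
    return "invalid"

def scan(lines):
    """Return (line_no, script, label, decoded_value) for suspicious requests."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        if not m:
            continue
        url = urlsplit(m.group(1))
        script = url.path.rsplit("/", 1)[-1].lower()
        if script not in SCRIPTS:
            continue  # only the scripts the advisory names are in scope
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            label = classify(value) if key.lower() == PARAM else None
            if label:
                findings.append((n, script, label, value))
    return findings

if __name__ == "__main__":
    print(*scan(SAMPLE_LOG), sep="\n")
```

Because parse_qsl percent-decodes the value before classification, singly encoded input is caught; the same allowlist (numeric id only) is what the application itself should enforce before using the parameter.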